CVE-2013-1489

NONECVSS 0.0

0.0

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and execute unsigned Java code without prompting the user via unknown vectors, aka "Issue 53" and the "Java Security Slider" vulnerability.

🔗 References (28)

secalert_us@oraclehttp://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53
secalert_us@oraclehttp://marc.info/?l=bugtraq&m=136439120408139&w=2
secalert_us@oraclehttp://marc.info/?l=bugtraq&m=136733161405818&w=2
secalert_us@oraclehttp://rhn.redhat.com/errata/RHSA-2013-0237.html
secalert_us@oraclehttp://seclists.org/fulldisclosure/2013/Jan/241
secalert_us@oraclehttp://thenextweb.com/insider/2013/01/28/new-vulnerability-bypasses-oracles-attempt-to-stop-malware-drive-by-downloads-via-java-applets/
secalert_us@oraclehttp://www.informationweek.com/security/application-security/java-security-work-remains-bug-hunter-sa/240147150
secalert_us@oraclehttp://www.kb.cert.org/vuls/id/858729
secalert_us@oraclehttp://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
secalert_us@oraclehttp://www.scmagazine.com.au/News/330453%2Cjava-still-unsafe-new-flaws-discovered.aspx
secalert_us@oraclehttp://www.us-cert.gov/cas/techalerts/TA13-032A.html
secalert_us@oraclehttp://www.zdnet.com/java-update-doesnt-prevent-silent-exploits-at-all-7000010422/
secalert_us@oraclehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15906
secalert_us@oraclehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19171
af854a3a-2127-422b-91ae-364da2661108http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53

Is Your Infrastructure Affected by CVE-2013-1489?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-1489

📅 Published

🔄 Last Modified

🔗 References (28)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-1489?