Russian Vulnerability Scanner Database

Back to List

CVE-2013-0422

Scores

EPSS

0.936high93.6%
0%20%40%60%80%100%

Percentile: 93.6%

CVSS

9.8critical3.x
0246810

CVSS Score: 9.8/10

All CVSS Scores

CVSS 3.x
9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0
6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Description

Multiple vulnerabilities in Oracle Java 7 before Update 11 allow remote attackers to execute arbitrary code by (1) using the public getMBeanInstantiator method in the JmxMBeanServer class to obtain a reference to a private MBeanInstantiator object, then retrieving arbitrary Class references using the findClass method, and (2) using the Reflection API with recursion in a way that bypasses a security check by the java.lang.invoke.MethodHandles.Lookup.checkSecurityManager method due to the inability of the sun.reflect.Reflection.getCallerClass method to skip frames related to the new reflection API, as exploited in the wild in January 2013, as demonstrated by Blackhole and Nuclear Pack, and a different vulnerability than CVE-2012-4681 and CVE-2012-3174. NOTE: some parties have mapped the recursive Reflection API issue to CVE-2012-3174, but CVE-2012-3174 is for a different vulnerability whose details are not public as of 20130114. CVE-2013-0422 covers both the JMX/MBean and Reflection API issues. NOTE: it was originally reported that Java 6 was also vulnerable, but the reporter has retracted this claim, stating that Java 6 is not exploitable because the relevant code is called in a way that does not bypass security checks. NOTE: as of 20130114, a reliable third party has claimed that the findClass/MBeanInstantiator vector was not fixed in Oracle Java 7 Update 11. If there is still a vulnerable condition, then a separate CVE identifier might be created for the unfixed issue.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7

Sources

debiannvdredhatubuntu

CWEs

CWE-264

Related Vulnerabilities

BDU:2022-03304

Exploits

Exploit ID: CVE-2013-0422

Source: cisa

URL: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Exploit ID: 24045

Source: exploitdb

URL: https://www.exploit-db.com/exploits/24045

Recommendations

Source: nvd

Before applying this update, make sure all previously-released erratarelevant to your system have been applied.
This update is available via the Red Hat Network. Details on how touse the Red Hat Network to apply this update are available athttps://access.redhat.com/knowledge/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2013-0165.html

Source: nvd

Before applying this update, make sure all previously-released erratarelevant to your system have been applied.
This update is available via the Red Hat Network. Details on how touse the Red Hat Network to apply this update are available athttps://access.redhat.com/knowledge/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2013-0156.html

Vulnerable Software (15)

Type: Configuration

Product: java-1.7.0-ibm

Operating System: rhel

Trait: 
{  "fixed": "1.7.0.4.0-1jpp.2.el5_9"}

Source: redhat

Type: Configuration

Product: java-1.7.0-ibm

Operating System: rhel

Trait: 
{  "fixed": "1.7.0.4.0-1jpp.2.el6_4"}

Source: redhat

Type: Configuration

Product: java-1.7.0-openjdk

Operating System: rhel 5

Trait: 
{  "fixed": "1.7.0.9-2.3.4.el5_9.1"}

Source: redhat

Type: Configuration

Product: java-1.7.0-openjdk

Operating System: rhel 6

Trait: 
{  "fixed": "1.7.0.9-2.3.4.1.el6_3"}

Source: redhat

Type: Configuration

Product: java-1.7.0-oracle

Operating System: rhel

Trait: 
{  "fixed": "1.7.0.11-1jpp.3.el5_9"}

Source: redhat

Type: Configuration

Product: java-1.7.0-oracle

Operating System: rhel

Trait: 
{  "fixed": "1.7.0.11-1jpp.3.el6_3"}

Source: redhat

Type: Configuration

Product: openjdk-6

Operating System: debian

Trait: 
{  "unaffected": true}

Source: debian

Type: Configuration

Product: openjdk-6

Operating System: ubuntu hardy 8.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: openjdk-7

Operating System: debian

Trait: 
{  "fixed": "7u3-2.1.4-1"}

Source: debian

Type: Configuration

Product: sun-java5

Operating System: ubuntu hardy 8.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Product: sun-java6

Operating System: ubuntu hardy 8.04

Trait: 
{  "unfixed": true}

Source: ubuntu

Type: Configuration

Vendor: *

Product: jdk

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",      "...

Source: nvd

Type: Configuration

Vendor: *

Product: jre

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",      "...

Source: nvd

Type: Configuration

Vendor: *

Product: opensuse

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*...

Source: nvd

Type: Configuration

Vendor: *

Product: ubuntu_linux

Operating System: * * *

Trait: 
{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*...

Source: nvd

End of list