Upstream information
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, and OpenJDK 7, allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors related to JMX, aka "Issue 52," a different vulnerability than CVE-2013-1490.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
National Vulnerability Database | |
---|---|
Base Score | 5 |
Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Access Vector | Network |
Access Complexity | Low |
Authentication | None |
Confidentiality Impact | None |
Integrity Impact | Partial |
Availability Impact | None |
Note from the SUSE Security Team
This security problem affects also IBM Java on SUSE Linux Enterprise Server in various versions.IBM is still working on a fix currently. As soon as a fix is provided we will be shipping updated IBM Java packages.Please check the IBM JDK Alerts overview page for more information and the current IBM status. SUSE Bugzilla entries: 798535 [RESOLVED / FIXED], 803379 [RESOLVED / FIXED], 806786 [RESOLVED / UPSTREAM] SUSE Security Advisories:- openSUSE-SU-2013:0377-1, published Fri, 1 Mar 2013 17:05:38 +0100 (CET)
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Linux Enterprise Desktop 12 SP1 |
| |
SUSE Linux Enterprise Desktop 12 SP2 |
| |
SUSE Linux Enterprise Desktop 12 SP3 |
| |
SUSE Linux Enterprise Desktop 12 SP4 |
| |
SUSE Linux Enterprise Desktop 12 |
| |
SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise Server 12 SP5 |
| |
SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server for SAP Applications 11 SP2 |
| Patchnames: slessp2-java-1_7_0-ibm |
SUSE Linux Enterprise Server 11 SP3 |
| |
SUSE Linux Enterprise Server 12 SP1 |
| |
SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 |
| |
SUSE Linux Enterprise Server 12 SP3 |
| |
SUSE Linux Enterprise Server 12 SP4 |
| |
SUSE Linux Enterprise Server 12 |
| |
SUSE Linux Enterprise Server for VMWare 11 SP2 |
| Patchnames: slessp2-java-1_7_0-ibm |
SUSE Linux Enterprise Software Development Kit 11 SP2 |
| Patchnames: sdksp2-java-1_7_0-ibm |
openSUSE Tumbleweed |
| Patchnames: openSUSE Tumbleweed GA java-1_7_0-openjdk |