1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Oracle Java SE CVE-2013-2465 3

Web Attack: Oracle Java SE CVE-2013-2465 3

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability in Oracle Java SE.

Additional Information

Oracle Java SE is prone to a remote code-execution vulnerability in Java Runtime Environment that occurs in the 'AWT' mlib library. Specifically, this issue exists due to out-of-bounds array access condition.

The vulnerability can be exploited over multiple protocols. This issue affects the '2D' sub-component.

An attacker can exploit this issue to execute arbitrary code in the context of the current user.

This vulnerability affects the following supported versions:
7 Update 21 , 6 Update 45 , 5.0 Update 45

Affected

  • This vulnerability affects the following supported versions:
  • 7 Update 21 , 6 Update 45 , 5.0 Update 45
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube