Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect checks for proxy classes" in the Reflection API.

Remediation

References

CVE-2013-0428

Related Vulnerabilities

WordPress Plugin CM Footnotes Cross-Site Scripting (1.1.4)

WordPress 5.6.x Multiple Vulnerabilities (5.6 - 5.6.9)

WordPress Plugin Compact WP Audio Player Multiple Vulnerabilities (1.9.6)

Joomla Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-11326)

WordPress Plugin WP Super Cache Cross-Site Scripting (1.4.2)

Severity

Critical

Classification

CVE-2013-0428

Tags

Missing Update Known Vulnerabilities