Bug 917550 - (CVE-2013-0809) CVE-2013-0809 OpenJDK: Specially crafted sample model integer overflow (2D, 8007014)
CVE-2013-0809 OpenJDK: Specially crafted sample model integer overflow (2D, 8...
Status: CLOSED ERRATA
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
urgent Severity urgent
: ---
: ---
Assigned To: Red Hat Product Security
impact=critical,public=20130304,repor...
: Security
Depends On:
Blocks: 917174
  Show dependency treegraph
 
Reported: 2013-03-04 05:49 EST by Stefan Cornelius
Modified: 2016-03-04 07:18 EST (History)
4 users (show)

See Also:
Fixed In Version: icedtea6 1.11.9, icedtea6 1.12.4, icedtea7 2.1.7, icedtea7 2.2.7, icedtea7 2.3.8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-03-12 04:38:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Stefan Cornelius 2013-03-04 05:49:33 EST
An integer overflow flaw was found in the way the 2D component handled certain sample model instances.  A specially-crafted sample model instance could cause Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the virtual machine privileges.
Comment 1 Vincent Danen 2013-03-04 11:36:54 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2013-0809 to
the following vulnerability:

Name: CVE-2013-0809
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0809
Assigned: 20130105
Reference: http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/1915099.xml

Unspecified vulnerability in the 2D component in the Java Runtime
Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier,
6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote
attackers to execute arbitrary code via unknown vectors, a different
vulnerability than CVE-2013-1493.
Comment 2 Tomas Hoger 2013-03-04 15:50:56 EST
Fixed in Oracle Java SE 7u17 and 6u43.

External Reference:

http://www.oracle.com/technetwork/topics/security/alert-cve-2013-1493-1915081.html
Comment 3 errata-xmlrpc 2013-03-06 14:00:06 EST
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2013:0601 https://rhn.redhat.com/errata/RHSA-2013-0601.html
Comment 4 errata-xmlrpc 2013-03-06 14:00:56 EST
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2013:0600 https://rhn.redhat.com/errata/RHSA-2013-0600.html
Comment 5 errata-xmlrpc 2013-03-06 14:15:27 EST
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2013:0604 https://rhn.redhat.com/errata/RHSA-2013-0604.html
Comment 6 errata-xmlrpc 2013-03-06 14:16:06 EST
This issue has been addressed in following products:

  Red Hat Enterprise Linux 5

Via RHSA-2013:0603 https://rhn.redhat.com/errata/RHSA-2013-0603.html
Comment 7 errata-xmlrpc 2013-03-06 14:16:17 EST
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2013:0602 https://rhn.redhat.com/errata/RHSA-2013-0602.html
Comment 8 Tomas Hoger 2013-03-06 14:26:44 EST
Oracle security blog post with more information on the security alert:

https://blogs.oracle.com/security/entry/security_alert_cve_2013_1493

Upstream commit, as included in IcedTea7 repositories:

http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/fa09ada25c47
Comment 9 errata-xmlrpc 2013-03-06 14:49:07 EST
This issue has been addressed in following products:

  Red Hat Enterprise Linux 6

Via RHSA-2013:0605 https://rhn.redhat.com/errata/RHSA-2013-0605.html
Comment 10 errata-xmlrpc 2013-03-11 14:49:56 EDT
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2013:0624 https://rhn.redhat.com/errata/RHSA-2013-0624.html
Comment 11 errata-xmlrpc 2013-03-11 15:01:14 EDT
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2013:0626 https://rhn.redhat.com/errata/RHSA-2013-0626.html
Comment 12 errata-xmlrpc 2013-03-11 15:02:43 EDT
This issue has been addressed in following products:

  Supplementary for Red Hat Enterprise Linux 5
  Supplementary for Red Hat Enterprise Linux 6

Via RHSA-2013:0625 https://rhn.redhat.com/errata/RHSA-2013-0625.html
Comment 13 Tomas Hoger 2013-03-12 04:38:34 EDT
Fixed in IcedTea versions IcedTea6 1.11.9 and 1.12.4, and IcedTea7 2.1.7, 2.2.7 and 2.3.8:

http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-March/022145.html
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-March/022273.html
Comment 16 Tomas Hoger 2013-07-08 11:13:12 EDT
Write-up of additional details of this flaw:

http://axtaxt.wordpress.com/2013/07/06/analysis-of-cve-2013-0809/
Comment 17 errata-xmlrpc 2013-10-23 12:39:42 EDT
This issue has been addressed in following products:

  Red Hat Network Satellite Server v 5.5

Via RHSA-2013:1456 https://rhn.redhat.com/errata/RHSA-2013-1456.html
Comment 18 errata-xmlrpc 2013-10-23 12:50:58 EDT
This issue has been addressed in following products:

  Red Hat Network Satellite Server v 5.4

Via RHSA-2013:1455 https://rhn.redhat.com/errata/RHSA-2013-1455.html

Note You need to log in before you can comment on or make changes to this bug.