Unrated severityNVD Advisory· Published Jan 15, 2014· Updated Apr 29, 2026
CVE-2013-5893
CVE-2013-5893
Description
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.
Affected products
3- cpe:2.3:a:oracle:jdk:1.7.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update45:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
20- www.oracle.com/technetwork/topics/security/cpujan2014-1972949.htmlnvdVendor Advisory
- hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498nvd
- lists.opensuse.org/opensuse-updates/2014-01/msg00105.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-01/msg00107.htmlnvd
- lists.opensuse.org/opensuse-updates/2014-02/msg00000.htmlnvd
- marc.infonvd
- osvdb.org/102000nvd
- rhn.redhat.com/errata/RHSA-2014-0026.htmlnvd
- rhn.redhat.com/errata/RHSA-2014-0027.htmlnvd
- rhn.redhat.com/errata/RHSA-2014-0030.htmlnvd
- secunia.com/advisories/56432nvd
- secunia.com/advisories/56485nvd
- secunia.com/advisories/56486nvd
- secunia.com/advisories/56535nvd
- www.securityfocus.com/bid/64758nvd
- www.securityfocus.com/bid/64863nvd
- www.securitytracker.com/id/1029608nvd
- www.ubuntu.com/usn/USN-2089-1nvd
- bugzilla.redhat.com/show_bug.cginvd
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvd
News mentions
0No linked articles in our index yet.