RETIRED: Oracle Java SE Critical Patch Update April 2013 Advance Notification

Bugtraq ID:	59033
Class:	Unknown
CVE:
Remote:	Yes
Local:	No
Published:	Apr 11 2013 12:00AM
Updated:	Mar 19 2015 09:34AM
Credit:	Oracle
Vulnerable:	Sun JRE (Windows Production Release) 1.7.0_4 Sun JRE (Windows Production Release) 1.7.0_2 Sun JRE (Windows Production Release) 1.6.0_32 Sun JRE (Windows Production Release) 1.6.0_30 Sun JRE (Windows Production Release) 1.6.0_28 Sun JRE (Windows Production Release) 1.6.0_27 Sun JRE (Windows Production Release) 1.6.0_26 Sun JRE (Windows Production Release) 1.6.0_25 Sun JRE (Windows Production Release) 1.6.0_24 Sun JRE (Windows Production Release) 1.6.0_23 Sun JRE (Windows Production Release) 1.6.0_22 Sun JRE (Solaris Production Release) 1.7.0_4 Sun JRE (Solaris Production Release) 1.7.0_2 Sun JRE (Solaris Production Release) 1.6.0_32 Sun JRE (Solaris Production Release) 1.6.0_30 Sun JRE (Solaris Production Release) 1.6.0_28 Sun JRE (Solaris Production Release) 1.6.0_27 Sun JRE (Solaris Production Release) 1.6.0_26 Sun JRE (Solaris Production Release) 1.6.0_25 Sun JRE (Solaris Production Release) 1.6.0_24 Sun JRE (Solaris Production Release) 1.6.0_23 Sun JRE (Solaris Production Release) 1.6.0_22 Sun JRE (Linux Production Release) 1.7.0_4 Sun JRE (Linux Production Release) 1.7.0_2 Sun JRE (Linux Production Release) 1.6.0_32 Sun JRE (Linux Production Release) 1.6.0_30 Sun JRE (Linux Production Release) 1.6.0_28 Sun JRE (Linux Production Release) 1.6.0_27 Sun JRE (Linux Production Release) 1.6.0_26 Sun JRE (Linux Production Release) 1.6.0_25 Sun JRE (Linux Production Release) 1.6.0_24 Sun JRE (Linux Production Release) 1.6.0_23 Sun JRE (Linux Production Release) 1.6.0_22 Sun JDK (Windows Production Release) 1.7 Sun JDK (Windows Production Release) 1.7.0_4 Sun JDK (Windows Production Release) 1.7.0_2 Sun JDK (Windows Production Release) 1.6.0_32 Sun JDK (Windows Production Release) 1.6.0_30 Sun JDK (Windows Production Release) 1.6.0_28 Sun JDK (Windows Production Release) 1.6.0_27 Sun JDK (Windows Production Release) 1.6.0_26 Sun JDK (Windows Production Release) 1.6.0_25 Sun JDK (Windows Production Release) 1.6.0_24 Sun JDK (Windows Production Release) 1.6.0_23 Sun JDK (Windows Production Release) 1.6.0_22 Sun JDK (Solaris Production Release) 1.7 Sun JDK (Solaris Production Release) 1.7.0_4 Sun JDK (Solaris Production Release) 1.7.0_2 Sun JDK (Solaris Production Release) 1.6.0_32 Sun JDK (Solaris Production Release) 1.6.0_30 Sun JDK (Solaris Production Release) 1.6.0_28 Sun JDK (Solaris Production Release) 1.6.0_27 Sun JDK (Solaris Production Release) 1.6.0_26 Sun JDK (Solaris Production Release) 1.6.0_25 Sun JDK (Solaris Production Release) 1.6.0_24 Sun JDK (Solaris Production Release) 1.6.0_23 Sun JDK (Solaris Production Release) 1.6.0_22 Sun JDK (Linux Production Release) 1.7 Sun JDK (Linux Production Release) 1.7.0_4 Sun JDK (Linux Production Release) 1.7.0_2 Sun JDK (Linux Production Release) 1.6.0_32 Sun JDK (Linux Production Release) 1.6.0_30 Sun JDK (Linux Production Release) 1.6.0_28 Sun JDK (Linux Production Release) 1.6.0_27 Sun JDK (Linux Production Release) 1.6.0_26 Sun JDK (Linux Production Release) 1.6.0_25 Sun JDK (Linux Production Release) 1.6.0_24 Sun JDK (Linux Production Release) 1.6.0_23 Sun JDK (Linux Production Release) 1.6.0_22
Not Vulnerable:

RETIRED: Oracle Java SE Critical Patch Update April 2013 Advance Notification

On April 16, 2013, Oracle will be releasing an advisory addressing 42 vulnerabilities affecting Java SE. 39 of these vulnerabilities can be exploited remotely without authentication. The highest CVSS 2.0 base score for these vulnerabilities is 10.

The following products are affected:

JDK and JRE 7 Update 17 and earlier for Windows, Solaris, and Linux
JDK and JRE 6 Update 43 and earlier for Windows, Solaris, and Linux
JDK and JRE 5.0 Update 41 and earlier for Windows, Solaris, and Linux
JavaFX 2.2.7 and earlier for Windows, Solaris, and Linux

This BID is being retired. The following individual records exist to better document the issues:

59213 Oracle Java SE CVE-2013-2436 Remote Java Runtime Environment Vulnerability
59162 Oracle Java SE CVE-2013-2423 Remote Java Runtime Environment Vulnerability
59234 Oracle Java SE CVE-2013-2414 Remote Java Runtime Environment Vulnerability
59203 Oracle Java SE CVE-2013-1561 Remote Java Runtime Environment Vulnerability
59195 Oracle Java SE CVE-2013-1564 Remote Java Runtime Environment Vulnerability
59191 Oracle Java SE CVE-2013-2425 Remote Java Runtime Environment Vulnerability
59185 Oracle Java SE CVE-2013-2438 Remote Java Runtime Environment Vulnerability
59175 Oracle Java SE CVE-2013-2428 Remote Java Runtime Environment Vulnerability
59137 Oracle Java SE CVE-2013-2434 Remote Java Runtime Environment Vulnerability
59128 Oracle Java SE CVE-2013-2427 Remote Java Runtime Environment Vulnerability
59088 Oracle Java SE CVE-2013-2416 Remote Java Runtime Environment Vulnerability
59178 Oracle Java SE CVE-2013-2439 Remote Java Runtime Environment Vulnerability
59131 Oracle Java SE CVE-2013-2419 Remote Code Execution Vulnerability
59228 Oracle Java SE CVE-2013-2422 Remote Java Runtime Environment Vulnerability
59206 Oracle Java SE CVE-2013-2426 Remote Java Runtime Environment Vulnerability
59190 Oracle Java SE CVE-2013-2383 Remote Java Runtime Environment Vulnerability
59179 Oracle Java SE CVE-2013-2384 Remote Java Runtime Environment Vulnerability
59167 Oracle Java SE CVE-2013-2420 Remote Java Runtime Environment Vulnerability
59166 Oracle Java SE CVE-2013-1569 Remote Java Runtime Environment Vulnerability
59153 Oracle Java SE CVE-2013-2421 Remote Java Runtime Environment Vulnerability
59141 Oracle Java SE CVE-2013-1518 Remote Java Runtime Environment Vulnerability
59243 Oracle Java SE CVE-2013-2430 Remote Java Runtime Environment Vulnerability
59220 Oracle Java SE CVE-2013-2433 Remote Java Runtime Environment Vulnerability
59187 Oracle Java SE CVE-2013-2417 Remote Java Runtime Environment Vulnerability
59184 Oracle Java SE CVE-2013-2429 Remote Java Runtime Environment Vulnerability
59159 Oracle Java SE CVE-2013-2424 Remote Java Runtime Environment Vulnerability
59154 Oracle Java SE CVE-2013-2432 Remote Java Runtime Environment Vulnerability
59145 Oracle Java SE CVE-2013-2418 Remote Java Runtime Environment Vulnerability
59124 Oracle Java SE CVE-2013-2440 Remote Java Runtime Environment Vulnerability
59089 Oracle Java SE CVE-2013-2435 Remote Java Runtime Environment Vulnerability
59194 Oracle Java SE CVE-2013-1537 Remote Code Execution Vulnerability
59219 Oracle Java SE CVE-2013-1558 Remote Java Runtime Environment Vulnerability
59208 Oracle Java SE CVE-2013-1563 Remote Java Runtime Environment Vulnerability
59172 Oracle Java SE CVE-2013-2394 Remote Java Runtime Environment Vulnerability
59170 Oracle Java SE CVE-2013-1557 Remote Java Runtime Environment Vulnerability
59149 Oracle Java SE CVE-2013-1540 Remote Java Runtime Environment Vulnerability
59212 Oracle Java SE CVE-2013-2415 Remote Java Runtime Environment Vulnerability
59165 Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability

RETIRED: Oracle Java SE Critical Patch Update April 2013 Advance Notification

Solution:
Oracle will be releasing updates on April 16, 2013. Please see the references or vendor advisory for more information.

RETIRED: Oracle Java SE Critical Patch Update April 2013 Advance Notification

References:

• Java Homepage (Sun)
  
• Oracle Java SE Critical Patch Update Pre-Release Announcement - April 2013 (Oracle)