Trusted Design

• 重大度: Unknown
• 公開日: 2013-06-18
• 更新日: 2025-10-22

概要

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.

このCVEに関連するMITRE ATT&CKテクニック

• T1027.009 - Embedded Payloads
• T1514 - Elevated Execution with Prompt
• T1583.002 - DNS Server
• T1192 - Spearphishing Link
• T1587.001 - Malware
• T1564 - Hide Artifacts
• T1591.003 - Identify Business Tempo
• T1213.006 - Databases
• T1070.002 - Clear Linux or Mac System Logs
• T1598.003 - Spearphishing Link
• T1583.005 - Botnet
• T1675 - ESXi Administration Command
• T1608.001 - Upload Malware
• T1558 - Steal or Forge Kerberos Tickets
• T1070.008 - Clear Mailbox Data
• T1518.002 - Backup Software Discovery
• T1218.003 - CMSTP
• T1525 - Implant Internal Image
• T1547.005 - Security Support Provider
• T1145 - Private Keys
• T1177 - LSASS Driver
• T1591.002 - Business Relationships
• T1055.013 - Process Doppelgänging
• T1593.003 - Code Repositories
• T1546.008 - Accessibility Features
• T1083 - File and Directory Discovery
• T1649 - Steal or Forge Authentication Certificates
• T1051 - Shared Webroot
• T1218.005 - Mshta
• T1608.005 - Link Target
• T1598.002 - Spearphishing Attachment
• T1606 - Forge Web Credentials
• T1071.002 - File Transfer Protocols
• T1679 - Selective Exclusion
• T1219.003 - Remote Access Hardware
• T1187 - Forced Authentication
• T1599 - Network Boundary Bridging
• T1486 - Data Encrypted for Impact
• T1595.003 - Wordlist Scanning
• T1667 - Email Bombing
• T1137.004 - Outlook Home Page
• T1608.003 - Install Digital Certificate
• T1499 - Endpoint Denial of Service
• T1500 - Compile After Delivery
• T1213.003 - Code Repositories
• T1565.002 - Transmitted Data Manipulation
• T1543.001 - Launch Agent
• T1555.004 - Windows Credential Manager
• T1194 - Spearphishing via Service
• T1111 - Multi-Factor Authentication Interception
• T1159 - Launch Agent
• T1564.005 - Hidden File System
• T1538 - Cloud Service Dashboard
• T1055.008 - Ptrace System Calls
• T1653 - Power Settings
• T1027.007 - Dynamic API Resolution
• T1665 - Hide Infrastructure
• T1596.005 - Scan Databases
• T1591.001 - Determine Physical Locations
• T1204.001 - Malicious Link
• T1035 - Service Execution
• T1566.003 - Spearphishing via Service
• T1127 - Trusted Developer Utilities Proxy Execution
• T1574.012 - COR_PROFILER

このCVEが関連しているPulses

このCVEが関連しているPulsesはありません。

CVEの関係性グラフ

---

← CVE一覧に戻る