HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2013-1489

CVSS 10.0v2.0pub. 2013-01-31upd. 2026-04-29

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and execute unsigned Java code without prompting the user via unknown vectors, aka "Issue 53" and the "Java Security Slider" vulnerability.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Google Chrome

    APP
    Google
    wszystkie wersje
  • Microsoft Internet Explorer

    APP
    Microsoft
    wszystkie wersje
  • Mozilla Firefox

    APP
    Mozilla
    wszystkie wersje
  • Opera Browser

    APP
    Opera
    wszystkie wersje
  • Oracle JDK

    APP
    Oracle
    1.7.0
  • Oracle Jre

    APP
    Oracle
    1.7.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2024-9680CRITICAL9.8⚠ KEVPL ✓ten sam produkt

Use-after-free w Animation timelines Firefox/Thunderbird — RCE

CVE-2024-7971CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type confusion w V8 (Google Chrome/Edge) umożliwiający heap corruption

CVE-2024-5274CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w V8 (Google Chrome) — RCE przez spreparowaną stronę HTML

CVE-2024-4947CRITICAL9.6⚠ KEVPL ✓ten sam produkt

Type Confusion w silniku V8 Chrome — zdalne wykonanie kodu (RCE)