1
Candidate: CVE-2013-0402
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0402
5
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157
6
http://www.zdnet.com/pwn2own-down-go-all-the-browsers-7000012283/
7
https://twitter.com/thezdi/status/309484730506698752
8
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
10
Heap-based buffer overflow in the Java Runtime Environment (JRE) component
11
in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier
12
allows remote attackers to execute arbitrary code via unspecified vectors
13
related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at
17
mdeslaur> fixed in 7u21. Likely in JavaFX, so openjdk wasn't vulnerable.
24
upstream_openjdk-6: not-affected
25
hardy_openjdk-6: ignored (reached end-of-life)
26
lucid_openjdk-6: not-affected
27
oneiric_openjdk-6: not-affected
28
precise_openjdk-6: not-affected
29
quantal_openjdk-6: not-affected
30
raring_openjdk-6: not-affected
31
devel_openjdk-6: not-affected
34
upstream_openjdk-7: released (7u21)
37
oneiric_openjdk-7: ignored (reached end-of-life)
38
precise_openjdk-7: released (7u21-2.3.9-0ubuntu0.12.04.1)
39
quantal_openjdk-7: released (7u21-2.3.9-0ubuntu0.12.10.1)
40
raring_openjdk-7: released (7u21-2.3.9-1ubuntu1)
41
devel_openjdk-7: released (7u21-2.3.9-1ubuntu1)
44
upstream_openjdk-6b18: deferred (2013-04-19)
45
hardy_openjdk-6b18: DNE
46
lucid_openjdk-6b18: ignored (reached end-of-life)
47
oneiric_openjdk-6b18: ignored (superseded by openjdk-6)
48
precise_openjdk-6b18: DNE
49
quantal_openjdk-6b18: DNE
50
raring_openjdk-6b18: DNE
51
devel_openjdk-6b18: DNE