Launchpad.net

CVE 2013-5878

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox.

Related bugs and status

CVE-2013-5878 (Candidate) is related to these bugs:

Bug #1283828: "Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4

		In	Importance	Status
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu Quantal)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu Saucy)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu Trusty)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu Lucid)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu Precise)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-7 (Ubuntu)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-7 (Ubuntu Precise)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-7 (Ubuntu Quantal)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-7 (Ubuntu Saucy)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-7 (Ubuntu Trusty)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	Iced Tea	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.oracle.com/...
BID: 64758
CONFIRM: https://bugzilla.redha...
BID: 64927
OSVDB: 102005
SECTRACK: 1029608
SECUNIA: 56432
SECUNIA: 56485
SECUNIA: 56486
SECUNIA: 56535
REDHAT: RHSA-2014:0026
REDHAT: RHSA-2014:0027
REDHAT: RHSA-2014:0097
REDHAT: RHSA-2014:0030
REDHAT: RHSA-2014:0134
REDHAT: RHSA-2014:0135
SUSE: openSUSE-SU-2014:0174
SUSE: SUSE-SU-2014:0246
SUSE: SUSE-SU-2014:0266
SUSE: openSUSE-SU-2014:0177
SUSE: openSUSE-SU-2014:0180
UBUNTU: USN-2089-1
UBUNTU: USN-2124-1
SUSE: SUSE-SU-2014:0451
CONFIRM: https://h20566.www2.hp...
HP: HPSBUX02972
HP: HPSBUX02973
HP: SSRT101454
HP: SSRT101455
REDHAT: RHSA-2014:0414