Category: CVE-2013-0438

CVE-2013-0438, Oracle Java JRE 7u5 SOP Bypass for ZIP-Based Filetypes, XSS, Cross Site Scripting

Oracle Java JRE 7u5 SOP Bypass for ZIP-Based Filetypes CVE-2013-0438, Oracle Document XSS.CX Allowance: $4,000 (Four Thousand US Dollars) KeywordsSecurity, Web, Cross-Site Scripting, Private Bug Report, Oracle, Java, JRE, Same-Origin Policy SummaryA bug in the Oracle Java  JRE 7u5 browser plugin allows cross-domain theft of any information encapsulated in a JAR or ZIP file. With […]