CVE-2013-0434: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 throu

A security flaw was found in Oracle Java SE versions 7 (up to Update 11), 6 (up to Update 38), and older versions, as well as OpenJDK, that could let remote attackers (people attacking from outside your system) access sensitive information through JAXP (Java API for XML Processing, a tool for handling XML files). The exact nature of the vulnerability was not publicly detailed by Oracle, though another vendor suggested it involved a publicly accessible method in JAXP that could expose private data.