Lucene search

K

[email protected]CVE-2013-0442

HistoryFeb 02, 2013 - 12:55 a.m.

CVE-2013-0442

2013-02-0200:55:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

78

cve-2013-0442

oracle

java

jre

openjdk

vulnerability

confidentiality

integrity

availability

8.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.059 Low

EPSS

Percentile

93.4%

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an improper check of “privileges of the code” that bypasses the sandbox.

CPENameOperatorVersion
oracle:jreoracle jreeq1.7.0
oracle:jdkoracle jdkeq1.7.0
sun:jresun jreeq1.6.0
oracle:jreoracle jreeq1.6.0
sun:jdksun jdkeq1.6.0
oracle:jdkoracle jdkeq1.6.0
sun:jresun jreeq1.5.0
oracle:jreoracle jreeq1.5.0
sun:jdksun jdkeq1.5.0
oracle:jdkoracle jdkeq1.5.0

Rows per page:

1-10 of 871

References

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=906899

icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS

icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6527ae06da69

lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html

lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html

lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html

marc.info/?l=bugtraq&m=136439120408139&w=2

marc.info/?l=bugtraq&m=136570436423916&w=2

marc.info/?l=bugtraq&m=136733161405818&w=2

rhn.redhat.com/errata/RHSA-2013-0236.html

rhn.redhat.com/errata/RHSA-2013-0237.html

rhn.redhat.com/errata/RHSA-2013-0245.html

rhn.redhat.com/errata/RHSA-2013-0246.html

rhn.redhat.com/errata/RHSA-2013-0247.html

rhn.redhat.com/errata/RHSA-2013-1455.html

rhn.redhat.com/errata/RHSA-2013-1456.html

security.gentoo.org/glsa/glsa-201406-32.xml

www.kb.cert.org/vuls/id/858729

www.mandriva.com/security/advisories?name=MDVSA-2013:095

www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

www.securityfocus.com/bid/57687

www.us-cert.gov/cas/techalerts/TA13-032A.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16035

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18597

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19126

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19434

wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

8.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.059 Low

EPSS

Percentile

93.4%

Related for CVE-2013-0442

ubuntucve1 veracode1 prion1 nessus49 amazon2 openvas49 suse15 fedora5 redhat10 oraclelinux3 centos3 ibm10 ubuntu1 cert1 securityvulns1 gentoo1