Lucene search

K

[email protected]CVE-2013-0809

HistoryMar 05, 2013 - 10:06 p.m.

CVE-2013-0809

2013-03-0522:06:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

166

cve-2013-0809

java

jre

vulnerability

remote code execution

nvd

9.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.945 High

EPSS

Percentile

99.2%

Unspecified vulnerability in the 2D component in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2013-1493.

CPENameOperatorVersion
sun:jresun jreeq1.6.0
oracle:jreoracle jreeq1.6.0
sun:jdksun jdkeq1.6.0
oracle:jdkoracle jdkeq1.6.0
sun:jresun jreeq1.5.0
oracle:jreoracle jrele1.5.0
sun:jdksun jdkeq1.5.0
oracle:jdkoracle jdkle1.5.0
oracle:jreoracle jreeq1.7.0
oracle:jdkoracle jdkeq1.7.0

References

lists.opensuse.org/opensuse-security-announce/2013-03/msg00009.html

lists.opensuse.org/opensuse-security-announce/2013-03/msg00011.html

lists.opensuse.org/opensuse-security-announce/2013-03/msg00012.html

lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html

mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-March/022145.html

marc.info/?l=bugtraq&m=136439120408139&w=2

marc.info/?l=bugtraq&m=136570436423916&w=2

rhn.redhat.com/errata/RHSA-2013-0601.html

rhn.redhat.com/errata/RHSA-2013-0603.html

rhn.redhat.com/errata/RHSA-2013-0604.html

rhn.redhat.com/errata/RHSA-2013-1455.html

rhn.redhat.com/errata/RHSA-2013-1456.html

security.gentoo.org/glsa/glsa-201406-32.xml

www.kb.cert.org/vuls/id/688246

www.mandriva.com/security/advisories?name=MDVSA-2013:095

www.oracle.com/ocom/groups/public/%40otn/documents/webcontent/1915099.xml

www.oracle.com/technetwork/topics/security/alert-cve-2013-1493-1915081.html

www.securityfocus.com/bid/58296

www.ubuntu.com/usn/USN-1755-2

www.us-cert.gov/ncas/alerts/TA13-064A

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19076

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19320

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19479

wiki.mageia.org/en/Support/Advisories/MGASA-2013-0088

9.1 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.945 High

EPSS

Percentile

99.2%