Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-2463
HistoryJun 18, 2013 - 10:55 p.m.

CVE-2013-2463

2013-06-1822:55:00
NVD-CWE-noinfo
[email protected]
web.nvd.nist.gov
71
In Wild
cve-2013-2463
oracle java
java se
vulnerability
2d
remote attack
confidentiality
integrity
availability
sandbox

5.8 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.943 High

EPSS

Percentile

99.2%

JSON

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to “Incorrect image attribute verification” in 2D.

References

Related

cvelist 2
checkpoint_advisories 1
veracode 11
zdi 1
ubuntucve 2
threatpost 2
prion 2
thn 2
cve 1
attackerkb 1
ibm 15
nessus 49
suse 13
openvas 45
amazon 2
redhat 10
oraclelinux 3
centos 3
debian 2
mageia 2
ubuntu 3
securityvulns 1
gentoo 2
cvelist
cvelist
CVE-2013-2463
2013-06-18 22:00:00
CVE-2013-2464
2013-06-18 22:00:00
checkpoint_advisories
checkpoint_advisories
Oracle Java sun.awt.image.ImagingLib.lookupByteBI Buffer Overflow (CVE-2013-2463)
2013-08-11 00:00:00
veracode
veracode
Sandbox Restrictions Bypass
2019-05-02 04:45:33
Privilege Escalation
2019-05-02 04:46:31
Arbitrary Code Execution
2019-05-02 04:46:33
zdi
zdi
Oracle Java AWT Memory Corruption Remote Code Execution Vulnerability
2013-06-27 00:00:00
ubuntucve
ubuntucve
CVE-2013-2463
2013-06-18 00:00:00
CVE-2013-2464
2013-06-18 00:00:00
threatpost
threatpost
Another Java 6 Vulnerability Found in the Wild
2013-08-28 12:44:53
Many Flash, Java Users Running Older, Vulnerable Versions
2013-09-06 07:40:52
prion
prion
Design/Logic Flaw
2013-06-18 22:55:00
Design/Logic Flaw
2013-06-18 22:55:00
thn
thn
Warning : Java 6 vulnerable to zero-day exploit; added to Neutrino exploit kit
2013-08-28 10:14:00
Warning : Java 6 vulnerable to zero-day exploit; added to Neutrino exploit kit
2013-08-28 21:14:00
cve
cve
CVE-2013-2464
2013-06-18 22:55:00
attackerkb
attackerkb
CVE-2013-2464
2013-06-18 00:00:00
ibm
ibm
Security Bulletin: CICS Transaction Gateway for Multiplatforms
2022-09-25 22:39:39
Security Bulletin: Potential security vulnerabilities with JavaTM SDKs
2022-09-25 21:06:56
Security Bulletin: Flex System Manager (FSM) – June 2013 Java Vulnerabilities
2022-05-16 16:03:13
nessus
nessus
SuSE 11.2 Security Update : java-1_4_2-ibm (SAT Patch Number 8109)
2013-07-28 00:00:00
SuSE 10 Security Update : java-1_4_2-ibm (ZYPP Patch Number 8652)
2013-07-28 00:00:00
RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2013:1014)
2013-07-05 00:00:00
suse
suse
Security update for IBM Java 1.4.2 (important)
2013-08-05 20:04:12
Security update for java-1_4_2-ibm (important)
2013-07-27 17:04:24
Security update for java-1_6_0-openjdk (important)
2013-07-23 22:04:14
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2013:1264-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2013:1293-2)
2021-06-09 00:00:00
Oracle Java SE Multiple Vulnerabilities -03 June 13 (Windows)
2013-06-24 00:00:00
amazon
amazon
Important: java-1.6.0-openjdk
2013-07-12 15:31:00
Important: java-1.7.0-openjdk
2013-06-20 14:14:00
redhat
redhat
(RHSA-2013:1014) Important: java-1.6.0-openjdk security update
2013-07-03 00:00:00
(RHSA-2013:1081) Important: java-1.5.0-ibm security update
2013-07-16 00:00:00
(RHSA-2013:0957) Critical: java-1.7.0-openjdk security update
2013-06-19 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2013-07-03 00:00:00
java-1.7.0-openjdk security update
2013-06-19 00:00:00
java-1.7.0-openjdk security update
2013-06-19 00:00:00
centos
centos
java security update
2013-07-04 10:07:44
java security update
2013-06-20 06:43:01
java security update
2013-06-20 06:46:44
debian
debian
[SECURITY] [DSA 2727-1] openjdk-6 security update
2013-07-25 21:12:25
[SECURITY] [DSA 2722-1] openjdk-7 security update
2013-07-15 15:53:07
mageia
mageia
Updated java-1.6.0-openjdk packages fix security vulnerabilities
2013-07-16 11:26:07
Updated java-1.7.0-openjdk packages fix multiple security vulnerabilities
2013-06-26 22:13:26
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2013-07-23 00:00:00
OpenJDK 7 vulnerabilities
2013-07-16 00:00:00
IcedTea Web update
2013-07-16 00:00:00
securityvulns
securityvulns
Oracle Java multiple security vulnerabilities
2013-08-28 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00

5.8 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.943 High

EPSS

Percentile

99.2%

JSON
Related for CVE-2013-2463
cvelist2checkpoint_advisories1veracode11zdi1ubuntucve2threatpost2prion2thn2cve1attackerkb1ibm15nessus49suse13openvas45amazon2redhat10oraclelinux3centos3debian2mageia2ubuntu3securityvulns1gentoo2