Lucene search

K

PRIOn knowledge basePRION:CVE-2013-0428

HistoryFeb 02, 2013 - 12:55 a.m.

Design/Logic Flaw

2013-02-0200:55:00

PRIOn knowledge base

www.prio-n.com

8

5.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.048 Low

EPSS

Percentile

92.5%

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0426. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to “incorrect checks for proxy classes” in the Reflection API.

CPENameOperatorVersion
jdkeq1.7.0 update6
jdkeq1.7.0 update5
jdkeq1.7.0 update7
jdkeq1.7.0 update2
jdkeq1.7.0 update11
jdkeq1.7.0
jdkeq1.7.0 update9
jdkeq1.7.0 update3
jdkeq1.7.0 update1
jdkeq1.7.0 update10

Rows per page:

1-10 of 2411

References

icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS

icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/c9534e095b37

lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html

lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html

lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html

rhn.redhat.com/errata/RHSA-2013-0236.html

rhn.redhat.com/errata/RHSA-2013-0237.html

rhn.redhat.com/errata/RHSA-2013-0245.html

rhn.redhat.com/errata/RHSA-2013-0246.html

rhn.redhat.com/errata/RHSA-2013-0247.html

rhn.redhat.com/errata/RHSA-2013-1455.html

rhn.redhat.com/errata/RHSA-2013-1456.html

security.gentoo.org/glsa/glsa-201406-32.xml

www.kb.cert.org/vuls/id/858729

www.mandriva.com/security/advisories?name=MDVSA-2013:095

www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

www.securityfocus.com/bid/57713

www.us-cert.gov/cas/techalerts/TA13-032A.html

bugzilla.redhat.com/show_bug.cgi?id=907207

marc.info/?l=bugtraq&m=136439120408139&w=2

marc.info/?l=bugtraq&m=136570436423916&w=2

marc.info/?l=bugtraq&m=136733161405818&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16496

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19474

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19480

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19491

wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

5.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.048 Low

EPSS

Percentile

92.5%

Related for PRION:CVE-2013-0428

ubuntucve3 cve3 prion2 veracode3 nessus48 suse15 openvas48 ibm12 fedora5 oraclelinux3 centos3 redhat10 amazon1 ubuntu1 cert1 securityvulns1 gentoo1