Lucene search

K

PRIOn knowledge basePRION:CVE-2013-1475

HistoryFeb 02, 2013 - 12:55 a.m.

Design/Logic Flaw

2013-02-0200:55:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.048 Low

EPSS

Percentile

92.5%

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to “IIOP type reuse management” in ObjectStreamClass.java.

CPENameOperatorVersion
jdkeq1.7.0 update6
jdkeq1.7.0 update5
jdkeq1.7.0 update7
jdkeq1.7.0 update2
jdkeq1.7.0 update11
jdkeq1.7.0
jdkeq1.7.0 update9
jdkeq1.7.0 update3
jdkeq1.7.0 update1
jdkeq1.7.0 update10

Rows per page:

1-10 of 2411

References

icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS

icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/rev/127e4c348a71

lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html

lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html

rhn.redhat.com/errata/RHSA-2013-0236.html

rhn.redhat.com/errata/RHSA-2013-0237.html

rhn.redhat.com/errata/RHSA-2013-0245.html

rhn.redhat.com/errata/RHSA-2013-0246.html

rhn.redhat.com/errata/RHSA-2013-0247.html

security.gentoo.org/glsa/glsa-201406-32.xml

www-01.ibm.com/support/docview.wss?uid=swg21631786

www.kb.cert.org/vuls/id/858729

www.mandriva.com/security/advisories?name=MDVSA-2013:095

www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

www.securityfocus.com/bid/57694

www.us-cert.gov/cas/techalerts/TA13-032A.html

bugzilla.redhat.com/show_bug.cgi?id=860652

marc.info/?l=bugtraq&m=136439120408139&w=2

marc.info/?l=bugtraq&m=136570436423916&w=2

marc.info/?l=bugtraq&m=136733161405818&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16613

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19238

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19325

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19593

wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

5.6 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.048 Low

EPSS

Percentile

92.5%

Related for PRION:CVE-2013-1475

ubuntucve3 cve3 prion2 nessus41 redhat9 ibm11 suse4 openvas39 fedora5 oraclelinux3 centos3 amazon1 veracode1 ubuntu1 cert1 securityvulns1 gentoo1