CVE-2013-1475

2013-02-0100:00:00

ubuntu.com

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.048 Low

EPSS

Percentile

92.6%

JSON

Unspecified vulnerability in the Java Runtime Environment (JRE) component
in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through
Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote
attackers to affect confidentiality, integrity, and availability via
vectors related to CORBA. NOTE: the previous information is from the
February 2013 CPU. Oracle has not commented on claims from another vendor
that this issue is related to “IIOP type reuse management” in
ObjectStreamClass.java.

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchopenjdk-6< 6b27-1.12.3-0ubuntu1~08.04.1UNKNOWN
ubuntu10.04noarchopenjdk-6< 6b27-1.12.1-2ubuntu0.10.04.2UNKNOWN
ubuntu11.10noarchopenjdk-6< 6b27-1.12.1-2ubuntu0.11.10.2UNKNOWN
ubuntu12.04noarchopenjdk-6< 6b27-1.12.1-2ubuntu0.12.04.2UNKNOWN
ubuntu12.10noarchopenjdk-6< 6b27-1.12.1-2ubuntu0.12.10.2UNKNOWN
ubuntu11.10noarchopenjdk-7< 7u13-2.3.6-0ubuntu0.11.10.2UNKNOWN
ubuntu12.04noarchopenjdk-7< 7u13-2.3.6-0ubuntu0.12.04.1UNKNOWN
ubuntu12.10noarchopenjdk-7< 7u13-2.3.6-0ubuntu0.12.10.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	8.04	noarch	openjdk-6	< 6b27-1.12.3-0ubuntu1~08.04.1	UNKNOWN
ubuntu	10.04	noarch	openjdk-6	< 6b27-1.12.1-2ubuntu0.10.04.2	UNKNOWN
ubuntu	11.10	noarch	openjdk-6	< 6b27-1.12.1-2ubuntu0.11.10.2	UNKNOWN
ubuntu	12.04	noarch	openjdk-6	< 6b27-1.12.1-2ubuntu0.12.04.2	UNKNOWN
ubuntu	12.10	noarch	openjdk-6	< 6b27-1.12.1-2ubuntu0.12.10.2	UNKNOWN
ubuntu	11.10	noarch	openjdk-7	< 7u13-2.3.6-0ubuntu0.11.10.2	UNKNOWN
ubuntu	12.04	noarch	openjdk-7	< 7u13-2.3.6-0ubuntu0.12.04.1	UNKNOWN
ubuntu	12.10	noarch	openjdk-7	< 7u13-2.3.6-0ubuntu0.12.10.1	UNKNOWN