Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2013-5878
HistoryJan 15, 2014 - 12:00 a.m.

CVE-2013-5878

2014-01-1500:00:00
ubuntu.com
ubuntu.com
11

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

95.0%

JSON

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded
7u45, and OpenJDK 7 allows remote attackers to affect confidentiality,
integrity, and availability via unknown vectors related to Security. NOTE:
the previous information is from the January 2014 CPU. Oracle has not
commented on third-party claims that the Security component does not
properly handle null XML namespace (xmlns) attributes during XML document
canonicalization, which allows attackers to escape the sandbox.

Notes

Author Note
mdeslaur in lucid+, NetX and the plugin moved to the icedtea-web package
jdstrand sun-java6 is not redistributable, no longer in the archive and no longer tracked sun-java5 is EOL upstream and no longer tracked
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchopenjdk-6< 6b30-1.13.1-1ubuntu2~0.10.04.1UNKNOWN
ubuntu12.04noarchopenjdk-6< 6b30-1.13.1-1ubuntu2~0.12.04.1UNKNOWN
ubuntu12.10noarchopenjdk-6< 6b30-1.13.1-1ubuntu2~0.12.10.1UNKNOWN
ubuntu13.10noarchopenjdk-6< 6b30-1.13.1-1ubuntu2~0.13.10.1UNKNOWN
ubuntu12.04noarchopenjdk-7< 7u51-2.4.4-0ubuntu0.12.04.2UNKNOWN
ubuntu12.10noarchopenjdk-7< 7u51-2.4.4-0ubuntu0.12.10.2UNKNOWN
ubuntu13.04noarchopenjdk-7< 7u51-2.4.4-0ubuntu0.13.04.2UNKNOWN
ubuntu13.10noarchopenjdk-7< 7u51-2.4.4-0ubuntu0.13.10.1UNKNOWN

Related

veracode 13
seebug 1
cve 1
prion 1
ibm 9
nessus 36
openvas 36
oraclelinux 3
ubuntu 3
amazon 2
centos 3
redhat 9
mageia 1
suse 5
aix 1
kaspersky 1
f5 2
securityvulns 1
oracle 1
gentoo 1
veracode
veracode
Sandbox Restrictions Bypass
2019-01-15 08:57:50
Sandbox Restrictions Bypass
2019-05-02 05:01:06
Sandbox Restrictions Bypass
2019-05-02 05:01:07
seebug
seebug
Oracle Java SE远程安全漏洞
2014-02-19 00:00:00
cve
cve
CVE-2013-5878
2014-01-15 16:11:00
prion
prion
Design/Logic Flaw
2014-01-15 16:11:00
ibm
ibm
How to download interim fixes to patch IBM JRE CVEs
2018-06-17 14:48:53
Security Bulletin: Multiple vulnerabilities in current releases of IBM® SDK, Java™ Technology Edition
2018-06-25 05:54:54
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - January 2014
2018-06-18 00:09:03
nessus
nessus
Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20140127)
2014-01-28 00:00:00
Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 regression (USN-2124-2)
2014-04-08 00:00:00
Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2124-1)
2014-02-28 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-283)
2015-09-08 00:00:00
CentOS Update for java CESA-2014:0097 centos5
2014-01-30 00:00:00
CentOS Update for java CESA-2014:0097 centos6
2014-01-30 00:00:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2014-01-27 00:00:00
java-1.7.0-openjdk security update
2014-01-14 00:00:00
java-1.7.0-openjdk security update
2014-01-14 00:00:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2014-02-27 00:00:00
OpenJDK 6 regression
2014-04-08 00:00:00
OpenJDK 7 vulnerabilities
2014-01-23 00:00:00
amazon
amazon
Important: java-1.6.0-openjdk
2014-02-03 15:27:00
Critical: java-1.7.0-openjdk
2014-01-15 10:28:00
centos
centos
java security update
2014-01-27 22:53:27
java security update
2014-01-15 11:04:23
java security update
2014-01-15 11:16:34
redhat
redhat
(RHSA-2014:0097) Important: java-1.6.0-openjdk security update
2014-01-27 00:00:00
(RHSA-2014:0026) Critical: java-1.7.0-openjdk security update
2014-01-15 00:00:00
(RHSA-2014:0027) Important: java-1.7.0-openjdk security update
2014-01-15 00:00:00
mageia
mageia
Updated java-1.7.0-openjdk package fixes multiple security vulnerabilities
2014-01-21 20:22:18
suse
suse
Security update for IBM Java (important)
2014-02-18 13:04:15
Security update for IBM Java 6 (important)
2014-02-21 15:04:13
Security update for IBM Java 6 (important)
2014-03-26 18:04:12
aix
aix
AIX Java Multiple Vulnerabilities (Oracle Java 2014 CPU)
2014-03-06 13:24:59
kaspersky
kaspersky
KLA10511 Multiple vulnerabilities in Oracle products
2014-01-15 00:00:00
f5
f5
SOL53146535 - Multiple Sun Java vulnerabilities
2015-12-30 00:00:00
K53146535 : Multiple Sun Java vulnerabilities
2015-12-31 00:00:00
securityvulns
securityvulns
Oracle / Sun / MySQL / PeopleSoft / OpenJDK applications multiple security vulnerabilities
2014-05-05 00:00:00
oracle
oracle
Oracle Critical Patch Update - January 2014
2014-01-14 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

95.0%

JSON
Related for UB:CVE-2013-5878
veracode13seebug1cve1prion1ibm9nessus36openvas36oraclelinux3ubuntu3amazon2centos3redhat9mageia1suse5aix1kaspersky1f52securityvulns1oracle1gentoo1