Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-5910
HistoryJan 15, 2014 - 12:00 a.m.

CVE-2013-5910

2014-01-1500:00:00
ubuntu.com
ubuntu.com
16

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.011

Percentile

84.8%

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded
7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown
vectors related to Security. NOTE: the previous information is from the
January 2014 CPU. Oracle has not commented on third-party claims that
CanonicalizerBase.java in the XML canonicalizer allows untrusted code to
access mutable byte arrays.

Notes

Author Note
mdeslaur in lucid+, NetX and the plugin moved to the icedtea-web package
jdstrand sun-java6 is not redistributable, no longer in the archive and no longer tracked sun-java5 is EOL upstream and no longer tracked
OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchopenjdk-6< 6b30-1.13.1-1ubuntu2~0.10.04.1UNKNOWN
ubuntu12.04noarchopenjdk-6< 6b30-1.13.1-1ubuntu2~0.12.04.1UNKNOWN
ubuntu12.10noarchopenjdk-6< 6b30-1.13.1-1ubuntu2~0.12.10.1UNKNOWN
ubuntu13.10noarchopenjdk-6< 6b30-1.13.1-1ubuntu2~0.13.10.1UNKNOWN
ubuntu12.04noarchopenjdk-7< 7u51-2.4.4-0ubuntu0.12.04.2UNKNOWN
ubuntu12.10noarchopenjdk-7< 7u51-2.4.4-0ubuntu0.12.10.2UNKNOWN
ubuntu13.04noarchopenjdk-7< 7u51-2.4.4-0ubuntu0.13.04.2UNKNOWN
ubuntu13.10noarchopenjdk-7< 7u51-2.4.4-0ubuntu0.13.10.1UNKNOWN

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

EPSS

0.011

Percentile

84.8%