[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110210

 
 

909

 
 

86021

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2013-2383Date: (C)2013-04-26   (M)2018-05-10


Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V3 Severity:CVSS V2 Severity:
CVSS Score : CVSS Score : 10.0
Exploit Score: Exploit Score: 10.0
Impact Score: Impact Score: 10.0
 
CVSS V3 Metrics:CVSS V2 Metrics:
Attack Vector: Access Vector: NETWORK
Attack Complexity: Access Complexity: LOW
Privileges Required: Authentication: NONE
User Interaction: Confidentiality: COMPLETE
Scope: Integrity: COMPLETE
Confidentiality: Availability: COMPLETE
Integrity:  
Availability:  
  
Reference:
BID-59190
APPLE-SA-2013-04-16-2
GLSA-201406-32
HPSBUX02889
HPSBUX02922
IAVM:2013-A-0084
IAVM:2013-A-0085
MDVSA-2013:145
MDVSA-2013:161
RHSA-2013:0752
RHSA-2013:0757
RHSA-2013:0758
RHSA-2013:1455
RHSA-2013:1456
SSRT101252
SSRT101305
SUSE-SU-2013:0814
SUSE-SU-2013:0835
SUSE-SU-2013:0871
SUSE-SU-2013:0934
TA13-107A
USN-1806-1
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html
http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/
http://bugs.icu-project.org/trac/ticket/10107
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/6784c9903db7
http://site.icu-project.org/download/51#TOC-Known-Issues
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
https://bugzilla.redhat.com/show_bug.cgi?id=952708
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
openSUSE-SU-2013:0777
openSUSE-SU-2013:0964

CPE    180
cpe:/a:oracle:jre:1.7.0:update15
cpe:/a:oracle:jre:1.7.0:update13
cpe:/a:oracle:jre:1.7.0:update17
cpe:/a:oracle:jdk:1.7.0:update15
...
OVAL    35
oval:org.secpod.oval:def:10803
oval:org.secpod.oval:def:10789
oval:org.secpod.oval:def:701275
oval:org.secpod.oval:def:601986
...

© SecPod Technologies