[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2013-2383

Date: (C)2013-04-26   (M)2017-10-04
 
CVSS Score: 10.0Access Vector: NETWORK
Exploitability Subscore: 10.0Access Complexity: LOW
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "handling of [a] glyph table" in the International Components for Unicode (ICU) Layout Engine before 51.2.

Reference:
BID-59190
APPLE-SA-2013-04-16-2
GLSA-201406-32
HPSBUX02889
HPSBUX02922
IAVM:2013-A-0084
IAVM:2013-A-0085
MDVSA-2013:145
MDVSA-2013:161
RHSA-2013:0752
RHSA-2013:0757
RHSA-2013:0758
RHSA-2013:1455
RHSA-2013:1456
SSRT101252
SSRT101305
SUSE-SU-2013:0814
SUSE-SU-2013:0835
SUSE-SU-2013:0871
SUSE-SU-2013:0934
TA13-107A
USN-1806-1
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html
http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/
http://bugs.icu-project.org/trac/ticket/10107
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/6784c9903db7
http://site.icu-project.org/download/51#TOC-Known-Issues
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
https://bugzilla.redhat.com/show_bug.cgi?id=952708
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
openSUSE-SU-2013:0777
openSUSE-SU-2013:0964

CPE    180
cpe:/a:sun:jre:1.5.0:update11
cpe:/a:sun:jdk:1.5.0:update11
cpe:/a:sun:jdk:1.6.0:update1
cpe:/a:sun:jre:1.5.0:update13
...
OVAL    35
oval:org.secpod.oval:def:1600284
oval:org.secpod.oval:def:1600281
oval:org.secpod.oval:def:202670
oval:org.secpod.oval:def:105416
...

© 2013 SecPod Technologies