[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-0450Date: (C)2013-02-02   (M)2023-12-22


Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper checks of "access control context" in the JMX RequiredModelMBean class.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-57703
GLSA-201406-32
HPSBMU02874
HPSBUX02857
MDVSA-2013:095
RHSA-2013:0236
RHSA-2013:0237
RHSA-2013:0245
RHSA-2013:0246
RHSA-2013:0247
RHSA-2013:1455
RHSA-2013:1456
SSRT101156
TA13-032A
VU#858729
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/6e0d9f4942af
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
https://bugzilla.redhat.com/show_bug.cgi?id=906911
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056
openSUSE-SU-2013:0312
openSUSE-SU-2013:0377
oval:org.mitre.oval:def:16550
oval:org.mitre.oval:def:19286
oval:org.mitre.oval:def:19363
oval:org.mitre.oval:def:19572

CPE    130
cpe:/a:sun:jre:1.5.0:update19
cpe:/a:sun:jre:1.5.0:update18
cpe:/a:sun:jre:1.5.0:update17
cpe:/a:sun:jre:1.5.0:update23
...
OVAL    31
oval:org.secpod.oval:def:9137
oval:org.secpod.oval:def:202552
oval:org.secpod.oval:def:202549
oval:org.secpod.oval:def:202548
...

© SecPod Technologies