[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-1475Date: (C)2013-02-02   (M)2023-12-22


Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "IIOP type reuse management" in ObjectStreamClass.java.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-57694
GLSA-201406-32
HPSBMU02874
HPSBUX02857
MDVSA-2013:095
RHSA-2013:0236
RHSA-2013:0237
RHSA-2013:0245
RHSA-2013:0246
RHSA-2013:0247
SSRT101156
TA13-032A
VU#858729
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/rev/127e4c348a71
http://www-01.ibm.com/support/docview.wss?uid=swg21631786
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
https://bugzilla.redhat.com/show_bug.cgi?id=860652
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056
openSUSE-SU-2013:0312
openSUSE-SU-2013:0377
oval:org.mitre.oval:def:16613
oval:org.mitre.oval:def:19238
oval:org.mitre.oval:def:19325
oval:org.mitre.oval:def:19593

CPE    207
cpe:/a:sun:jre:1.5.0:update19
cpe:/a:sun:jre:1.5.0:update18
cpe:/a:sun:jre:1.5.0:update17
cpe:/a:sun:jre:1.5.0:update23
...
OVAL    31
oval:org.secpod.oval:def:202552
oval:org.secpod.oval:def:9132
oval:org.secpod.oval:def:202549
oval:org.secpod.oval:def:202548
...

© SecPod Technologies