[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248149

 
 

909

 
 

194803

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-2407Date: (C)2013-06-18   (M)2023-12-22


Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.4
Exploit Score: 10.0
Impact Score: 4.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: PARTIAL
  
Reference:
SECUNIA-54154
BID-60653
GLSA-201406-32
HPSBUX02907
HPSBUX02908
MDVSA-2013:183
RHSA-2013:0963
RHSA-2013:1059
RHSA-2013:1060
RHSA-2013:1455
RHSA-2013:1456
RHSA-2014:0414
SUSE-SU-2013:1255
SUSE-SU-2013:1256
SUSE-SU-2013:1257
SUSE-SU-2013:1305
TA13-169A
http://advisories.mageia.org/MGASA-2013-0185.html
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/0e80792291c0
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/c82ed89b21bc
http://www-01.ibm.com/support/docview.wss?uid=swg21642336
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
https://bugzilla.redhat.com/show_bug.cgi?id=975127
oval:org.mitre.oval:def:17195
oval:org.mitre.oval:def:18622
oval:org.mitre.oval:def:19568

CPE    70
cpe:/a:sun:jre:1.6.0:update_21
cpe:/a:sun:jre:1.6.0:update_20
cpe:/a:sun:jre:1.6.0:update_16
cpe:/a:sun:jre:1.6.0:update_15
...
OVAL    24
oval:org.secpod.oval:def:14242
oval:org.secpod.oval:def:15579
oval:org.secpod.oval:def:701364
oval:org.secpod.oval:def:701363
...

© SecPod Technologies