[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-2430Date: (C)2013-04-26   (M)2023-12-22


Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageReader state corruption" when using native code.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.6
Exploit Score: 4.9
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
BID-59243
APPLE-SA-2013-04-16-2
GLSA-201406-32
MDVSA-2013:145
MDVSA-2013:161
RHSA-2013:0752
RHSA-2013:0757
RHSA-2013:0758
RHSA-2013:1455
RHSA-2013:1456
SSRT101252
SSRT101305
SUSE-SU-2013:0814
SUSE-SU-2013:0835
SUSE-SU-2013:0871
SUSE-SU-2013:0934
TA13-107A
USN-1806-1
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html
http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/d868fe7c7618
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
https://bugzilla.redhat.com/show_bug.cgi?id=952524
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
openSUSE-SU-2013:0777
openSUSE-SU-2013:0964
oval:org.mitre.oval:def:15708
oval:org.mitre.oval:def:19536
oval:org.mitre.oval:def:19715

CPE    143
cpe:/a:sun:jre:1.5.0:update19
cpe:/a:sun:jre:1.5.0:update18
cpe:/a:sun:jre:1.5.0:update17
cpe:/a:sun:jre:1.5.0:update23
...
OVAL    26
oval:org.secpod.oval:def:1600284
oval:org.secpod.oval:def:1600281
oval:org.secpod.oval:def:202670
oval:org.secpod.oval:def:202669
...

© SecPod Technologies