[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-2449Date: (C)2013-06-18   (M)2023-12-22


Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SECUNIA-54154
GLSA-201406-32
HPSBUX02907
MDVSA-2013:183
RHSA-2013:0963
RHSA-2013:1060
SUSE-SU-2013:1257
TA13-169A
http://advisories.mageia.org/MGASA-2013-0185.html
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b1a2b9ac9714
http://www-01.ibm.com/support/docview.wss?uid=swg21642336
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
https://bugzilla.redhat.com/show_bug.cgi?id=975145
oval:org.mitre.oval:def:17192
oval:org.mitre.oval:def:18717

CPE    28
cpe:/a:oracle:jre:1.7.0:update11
cpe:/a:oracle:jdk:1.7.0
cpe:/a:oracle:jre:1.7.0
cpe:/a:oracle:jre:1.7.0:update10
...
OVAL    14
oval:org.secpod.oval:def:15569
oval:org.secpod.oval:def:505644
oval:org.secpod.oval:def:1600297
oval:org.secpod.oval:def:1503938
...

© SecPod Technologies