[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-2453Date: (C)2013-06-18   (M)2023-12-22


Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to a missing check for "package access" by the MBeanServer Introspector.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
  
Reference:
SECUNIA-54154
BID-60644
GLSA-201406-32
HPSBUX02907
HPSBUX02908
MDVSA-2013:183
RHSA-2013:0963
RHSA-2013:1059
RHSA-2013:1060
RHSA-2013:1455
RHSA-2013:1456
RHSA-2014:0414
SUSE-SU-2013:1255
SUSE-SU-2013:1256
SUSE-SU-2013:1257
SUSE-SU-2013:1305
TA13-169A
http://advisories.mageia.org/MGASA-2013-0185.html
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/c14aa930b032
http://www-01.ibm.com/support/docview.wss?uid=swg21642336
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
https://bugzilla.redhat.com/show_bug.cgi?id=975134
oval:org.mitre.oval:def:16545
oval:org.mitre.oval:def:19588
oval:org.mitre.oval:def:19611

CPE    70
cpe:/a:sun:jre:1.6.0:update_21
cpe:/a:sun:jre:1.6.0:update_20
cpe:/a:sun:jre:1.6.0:update_16
cpe:/a:sun:jre:1.6.0:update_15
...
OVAL    24
oval:org.secpod.oval:def:15565
oval:org.secpod.oval:def:14242
oval:org.secpod.oval:def:701364
oval:org.secpod.oval:def:701363
...

© SecPod Technologies