10

CVE-2013-2465

Warnung

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.  NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleJre Version1.7.0 Update-
OracleJre Version1.7.0 Updateupdate1
OracleJre Version1.7.0 Updateupdate10
OracleJre Version1.7.0 Updateupdate11
OracleJre Version1.7.0 Updateupdate13
OracleJre Version1.7.0 Updateupdate15
OracleJre Version1.7.0 Updateupdate17
OracleJre Version1.7.0 Updateupdate2
OracleJre Version1.7.0 Updateupdate21
OracleJre Version1.7.0 Updateupdate3
OracleJre Version1.7.0 Updateupdate4
OracleJre Version1.7.0 Updateupdate5
OracleJre Version1.7.0 Updateupdate6
OracleJre Version1.7.0 Updateupdate7
OracleJre Version1.7.0 Updateupdate9
OracleJre Version1.6.0 Update-
OracleJre Version1.6.0 Updateupdate22
OracleJre Version1.6.0 Updateupdate23
OracleJre Version1.6.0 Updateupdate24
OracleJre Version1.6.0 Updateupdate25
OracleJre Version1.6.0 Updateupdate26
OracleJre Version1.6.0 Updateupdate27
OracleJre Version1.6.0 Updateupdate29
OracleJre Version1.6.0 Updateupdate30
OracleJre Version1.6.0 Updateupdate31
OracleJre Version1.6.0 Updateupdate32
OracleJre Version1.6.0 Updateupdate33
OracleJre Version1.6.0 Updateupdate34
OracleJre Version1.6.0 Updateupdate35
OracleJre Version1.6.0 Updateupdate37
OracleJre Version1.6.0 Updateupdate38
OracleJre Version1.6.0 Updateupdate39
OracleJre Version1.6.0 Updateupdate41
OracleJre Version1.6.0 Updateupdate43
OracleJre Version1.6.0 Updateupdate45
SunJre Version1.6.0 Updateupdate_1
SunJre Version1.6.0 Updateupdate_10
SunJre Version1.6.0 Updateupdate_11
SunJre Version1.6.0 Updateupdate_12
SunJre Version1.6.0 Updateupdate_13
SunJre Version1.6.0 Updateupdate_14
SunJre Version1.6.0 Updateupdate_15
SunJre Version1.6.0 Updateupdate_16
SunJre Version1.6.0 Updateupdate_17
SunJre Version1.6.0 Updateupdate_18
SunJre Version1.6.0 Updateupdate_19
SunJre Version1.6.0 Updateupdate_20
SunJre Version1.6.0 Updateupdate_21
SunJre Version1.6.0 Updateupdate_3
SunJre Version1.6.0 Updateupdate_4
SunJre Version1.6.0 Updateupdate_5
SunJre Version1.6.0 Updateupdate_6
SunJre Version1.6.0 Updateupdate_7
SunJre Version1.6.0 Updateupdate_9
OracleJre Version1.5.0 Update-
OracleJre Version1.5.0 Updateupdate36
OracleJre Version1.5.0 Updateupdate38
OracleJre Version1.5.0 Updateupdate39
OracleJre Version1.5.0 Updateupdate40
OracleJre Version1.5.0 Updateupdate41
OracleJre Version1.5.0 Updateupdate45
SunJre Version1.5.0 Updateupdate1
SunJre Version1.5.0 Updateupdate10
SunJre Version1.5.0 Updateupdate11
SunJre Version1.5.0 Updateupdate12
SunJre Version1.5.0 Updateupdate13
SunJre Version1.5.0 Updateupdate14
SunJre Version1.5.0 Updateupdate15
SunJre Version1.5.0 Updateupdate16
SunJre Version1.5.0 Updateupdate17
SunJre Version1.5.0 Updateupdate18
SunJre Version1.5.0 Updateupdate19
SunJre Version1.5.0 Updateupdate2
SunJre Version1.5.0 Updateupdate20
SunJre Version1.5.0 Updateupdate21
SunJre Version1.5.0 Updateupdate22
SunJre Version1.5.0 Updateupdate23
SunJre Version1.5.0 Updateupdate24
SunJre Version1.5.0 Updateupdate25
SunJre Version1.5.0 Updateupdate26
SunJre Version1.5.0 Updateupdate27
SunJre Version1.5.0 Updateupdate28
SunJre Version1.5.0 Updateupdate29
SunJre Version1.5.0 Updateupdate3
SunJre Version1.5.0 Updateupdate31
SunJre Version1.5.0 Updateupdate33
SunJre Version1.5.0 Updateupdate4
SunJre Version1.5.0 Updateupdate5
SunJre Version1.5.0 Updateupdate6
SunJre Version1.5.0 Updateupdate7
SunJre Version1.5.0 Updateupdate8
SunJre Version1.5.0 Updateupdate9
SuseLinux Enterprise Desktop Version10 Updatesp4 SwEdition-
SuseLinux Enterprise Java Version10 Updatesp4
SuseLinux Enterprise Java Version11 Updatesp2
SuseLinux Enterprise Java Version11 Updatesp3
SuseLinux Enterprise Server Version10 Updatesp3 SwEditionltss
SuseLinux Enterprise Server Version10 Updatesp4 SwEdition-
SuseLinux Enterprise Server Version11 Updatesp2 SwPlatform-
SuseLinux Enterprise Server Version11 Updatesp2 SwPlatformvmware
SuseLinux Enterprise Server Version11 Updatesp3 SwPlatform-
SuseLinux Enterprise Server Version11 Updatesp3 SwPlatformvmware

28.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Oracle Java SE Unspecified Vulnerability

Schwachstelle

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to 2D

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 93.56% 0.998
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
134c704f-9b21-4f2e-91b3-4a467353bcc0 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-693 Protection Mechanism Failure

The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.

http://marc.info/?l=bugtraq&m=137545592101387&w=2
Third Party Advisory
Mailing List
http://www.us-cert.gov/ncas/alerts/TA13-169A
Third Party Advisory
US Government Resource
http://marc.info/?l=bugtraq&m=137545505800971&w=2
Third Party Advisory
Mailing List
http://www.securityfocus.com/bid/60657
Third Party Advisory
Broken Link
VDB Entry