CVE-2013-5904

Опубликовано: 15 янв. 2014

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Комментарий

Per: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

"Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."

Ссылки

http://marc.info/?l=bugtraq&m=139402697611681&w=2
Third Party Advisory
http://osvdb.org/101993
Broken Link
http://rhn.redhat.com/errata/RHSA-2014-0030.html
Third Party Advisory
http://secunia.com/advisories/56485
Permissions Required
http://secunia.com/advisories/56535
Permissions Required
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
Vendor Advisory
http://www.securityfocus.com/bid/64758
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/64890
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029608
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/90336
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777
Third Party Advisory
http://marc.info/?l=bugtraq&m=139402697611681&w=2
Third Party Advisory
http://osvdb.org/101993
Broken Link
http://rhn.redhat.com/errata/RHSA-2014-0030.html
Third Party Advisory
http://secunia.com/advisories/56485
Permissions Required
http://secunia.com/advisories/56535
Permissions Required
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
Vendor Advisory
http://www.securityfocus.com/bid/64758
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/64890
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1029608
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:oracle:jre:1.7.0:update45:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop_supplementary:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node_supplementary:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_supplementary:5.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_supplementary:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_supplementary_aus:6.5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_supplementary_eus:6.5.z:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation_supplementary:6.0:*:*:*:*:*:*:*

Конфигурация 3

Одновременно

Одно из

cpe:2.3:a:hp:jdk:*:*:*:*:*:*:*:*

Версия до 7.0.08 (включая)

cpe:2.3:a:hp:jre:*:*:*:*:*:*:*:*

Версия до 7.0.08 (включая)

Одно из

cpe:2.3:o:hp:hp-ux:b.11.23:*:*:*:*:*:*:*

cpe:2.3:o:hp:hp-ux:b.11.31:*:*:*:*:*:*:*

EPSS

Процентиль: 76%

0.00957

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2013-5904

ubuntu

около 12 лет назад

Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVE-2013-5904

redhat

около 12 лет назад

Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVE-2013-5904

debian

около 12 лет назад

Unspecified vulnerability in Oracle Java SE 7u45 allows remote attacke ...

GHSA-7g5h-7xwq-xxrp

github

больше 3 лет назад

Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

EPSS

Процентиль: 76%

0.00957

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo