Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-0435

Опубликовано: 01 фев. 2013
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5java-1.4.2-ibmWill not fix
Red Hat Enterprise Linux 5java-1.5.0-ibmNot affected
Red Hat Enterprise Linux 6java-1.5.0-ibmNot affected
Red Hat Enterprise Linux 5java-1.6.0-openjdkFixedRHSA-2013:024608.02.2013
Red Hat Enterprise Linux 5java-1.7.0-openjdkFixedRHSA-2013:024708.02.2013
Red Hat Enterprise Linux 6java-1.6.0-openjdkFixedRHSA-2013:024508.02.2013
Red Hat Enterprise Linux 6java-1.7.0-openjdkFixedRHSA-2013:024708.02.2013
Red Hat Network Satellite Server v 5.4java-1.6.0-ibmFixedRHSA-2013:145523.10.2013
Red Hat Network Satellite Server v 5.5java-1.6.0-ibmFixedRHSA-2013:145623.10.2013
Supplementary for Red Hat Enterprise Linux 5java-1.6.0-sunFixedRHSA-2013:023604.02.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=906892OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068)

EPSS

Процентиль: 75%
0.00914
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-0435

ubuntu
больше 12 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."

nvd логотип

CVE-2013-0435

nvd
больше 12 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."

debian логотип

CVE-2013-0435

debian
больше 12 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...

github логотип

GHSA-hv74-3r93-2vw8

github
больше 3 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."

oracle-oval логотип

ELSA-2013-0246

oracle-oval
больше 12 лет назад

ELSA-2013-0246: java-1.6.0-openjdk security update (IMPORTANT)

EPSS

Процентиль: 75%
0.00914
Низкий

4.3 Medium

CVSS2