Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-2407

Опубликовано: 18 июн. 2013
Источник: redhat
CVSS2: 5.8
EPSS Низкий

Описание

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5java-1.5.0-ibmNot affected
Red Hat Enterprise Linux 6java-1.5.0-ibmNot affected
Oracle Java for Red Hat Enterprise Linux 5java-1.6.0-sunFixedRHSA-2014:041417.04.2014
Oracle Java for Red Hat Enterprise Linux 6java-1.6.0-sunFixedRHSA-2014:041417.04.2014
Red Hat Enterprise Linux 5java-1.7.0-openjdkFixedRHSA-2013:095820.06.2013
Red Hat Enterprise Linux 5java-1.6.0-openjdkFixedRHSA-2013:101403.07.2013
Red Hat Enterprise Linux 6java-1.7.0-openjdkFixedRHSA-2013:095719.06.2013
Red Hat Enterprise Linux 6java-1.6.0-openjdkFixedRHSA-2013:101403.07.2013
Red Hat Network Satellite Server v 5.4java-1.6.0-ibmFixedRHSA-2013:145523.10.2013
Red Hat Network Satellite Server v 5.5java-1.6.0-ibmFixedRHSA-2013:145623.10.2013

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=975127OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744)

EPSS

Процентиль: 90%
0.05349
Низкий

5.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-2407

ubuntu
около 12 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."

nvd логотип

CVE-2013-2407

nvd
около 12 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."

debian логотип

CVE-2013-2407

debian
около 12 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) compon ...

github логотип

GHSA-gf86-x7w3-vm22

github
больше 3 лет назад

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."

oracle-oval логотип

ELSA-2013-1014

oracle-oval
около 12 лет назад

ELSA-2013-1014: java-1.6.0-openjdk security update (IMPORTANT)

EPSS

Процентиль: 90%
0.05349
Низкий

5.8 Medium

CVSS2