Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-5910

Опубликовано: 14 янв. 2014
Источник: redhat
CVSS2: 4.3
EPSS Низкий

Описание

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7java-1.6.0-openjdkNot affected
Red Hat Enterprise Linux 7java-1.7.0-openjdkNot affected
Red Hat Enterprise Linux 7java-1.7.0-oracleNot affected
Oracle Java for Red Hat Enterprise Linux 5java-1.6.0-sunFixedRHSA-2014:041417.04.2014
Oracle Java for Red Hat Enterprise Linux 6java-1.6.0-sunFixedRHSA-2014:041417.04.2014
Red Hat Enterprise Linux 5java-1.7.0-openjdkFixedRHSA-2014:002715.01.2014
Red Hat Enterprise Linux 5java-1.6.0-openjdkFixedRHSA-2014:009727.01.2014
Red Hat Enterprise Linux 6java-1.7.0-openjdkFixedRHSA-2014:002615.01.2014
Red Hat Enterprise Linux 6java-1.6.0-openjdkFixedRHSA-2014:009727.01.2014
Red Hat Network Satellite Server v 5.4java-1.6.0-ibmFixedRHSA-2014:098229.07.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1052942OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)

EPSS

Процентиль: 86%
0.02793
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-5910

ubuntu
больше 11 лет назад

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.

nvd логотип

CVE-2013-5910

nvd
больше 11 лет назад

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.

debian логотип

CVE-2013-5910

debian
больше 11 лет назад

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Emb ...

github логотип

GHSA-7rr9-w99c-9r9h

github
около 3 лет назад

Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.

oracle-oval логотип

ELSA-2014-0097

oracle-oval
больше 11 лет назад

ELSA-2014-0097: java-1.6.0-openjdk security update (IMPORTANT)

EPSS

Процентиль: 86%
0.02793
Низкий

4.3 Medium

CVSS2