ID CVE-2013-2416
Summary Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 19-09-2017 - 01:36)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
non_vulnerable_configuration via4
    oval via4
    accepted 2013-06-03T04:02:58.086-04:00
    class vulnerability
    contributors
    name Sergey Artykhov
    organization ALTX-SOFT
    definition_extensions
    comment Java SE Runtime Environment 7 is installed
    oval oval:org.mitre.oval:def:16050
    description Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
    family windows
    id oval:org.mitre.oval:def:16464
    status accepted
    submitted 2013-04-17T10:26:26.748+04:00
    title Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data.
    version 5
    redhat via4
    advisories
    rhsa
    id RHSA-2013:0757
    refmap via4
    cert TA13-107A
    confirm http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
    vulnerable_product via4
    • cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
    Last major update 19-09-2017 - 01:36
    Published 17-04-2013 - 18:55
    Back to Top