ID CVE-2013-2467
Summary Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 5.0 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Java installer.
References
Vulnerable Configurations
  • Oracle JRE 1.5.0_38 (Update 38)
    cpe:2.3:a:oracle:jre:1.5.0:update_38
  • Oracle JRE 1.5.0_36 (JRE 5.0 Update 36)
    cpe:2.3:a:oracle:jre:1.5.0:update_36
  • Sun JRE 1.5.0_33 (JRE 5.0 Update 33)
    cpe:2.3:a:sun:jre:1.5.0:update33
  • Sun JRE 1.5.0_31 (JRE 5.0 Update 31)
    cpe:2.3:a:sun:jre:1.5.0:update31
  • Sun JRE 1.5.0_29 (JRE 5.0 Update 29)
    cpe:2.3:a:sun:jre:1.5.0:update29
  • Sun JRE 1.5.0_28 (JRE 5.0 Update 28)
    cpe:2.3:a:sun:jre:1.5.0:update28
  • Sun JRE 1.5.0_27 (JRE 5.0 Update 27)
    cpe:2.3:a:sun:jre:1.5.0:update27
  • Sun JRE 1.5.0_26 (JRE 5.0 Update 26)
    cpe:2.3:a:sun:jre:1.5.0:update26
  • Sun JRE 1.5.0_25 (JRE 5.0 Update 25)
    cpe:2.3:a:sun:jre:1.5.0:update25
  • Sun JRE 1.5.0_24 (JRE 5.0 Update 24)
    cpe:2.3:a:sun:jre:1.5.0:update24
  • Sun JRE 1.5.0_23 (JRE 5.0 Update 23)
    cpe:2.3:a:sun:jre:1.5.0:update23
  • Sun JRE 1.5.0_22 (JRE 5.0 Update 22)
    cpe:2.3:a:sun:jre:1.5.0:update22
  • Sun JRE 1.5.0_21 (JRE 5.0 Update 21)
    cpe:2.3:a:sun:jre:1.5.0:update21
  • Sun JRE 1.5.0_20 (JRE 5.0 Update 20)
    cpe:2.3:a:sun:jre:1.5.0:update20
  • Sun JRE 1.5.0_19 (JRE 5.0 Update 19)
    cpe:2.3:a:sun:jre:1.5.0:update19
  • Sun JRE 1.5.0_18 (JRE 5.0 Update 18)
    cpe:2.3:a:sun:jre:1.5.0:update18
  • Sun JRE 1.5.0_17 (JRE 5.0 Update 17)
    cpe:2.3:a:sun:jre:1.5.0:update17
  • Sun JRE 1.5.0_16 (JRE 5.0 Update 16)
    cpe:2.3:a:sun:jre:1.5.0:update16
  • Sun JRE 1.5.0_15 (JRE 5.0 Update 15)
    cpe:2.3:a:sun:jre:1.5.0:update15
  • Sun JRE 1.5.0_14 (JRE 5.0 Update 14)
    cpe:2.3:a:sun:jre:1.5.0:update14
  • Sun JRE 1.5.0_13 (JRE 5.0 Update 13)
    cpe:2.3:a:sun:jre:1.5.0:update13
  • Sun JRE 1.5.0_12 (JRE 5.0 Update 12)
    cpe:2.3:a:sun:jre:1.5.0:update12
  • Sun JRE 1.5.0_11 (JRE 5.0 Update 11)
    cpe:2.3:a:sun:jre:1.5.0:update11
  • Sun JRE 1.5.0_10 (JRE 5.0 Update 10)
    cpe:2.3:a:sun:jre:1.5.0:update10
  • Sun JRE 1.5.0_9 (JRE 5.0 Update 9)
    cpe:2.3:a:sun:jre:1.5.0:update9
  • Sun JRE 1.5.0_8 (JRE 5.0 Update 8)
    cpe:2.3:a:sun:jre:1.5.0:update8
  • Sun JRE 1.5.0_7 (JRE 5.0 Update 7)
    cpe:2.3:a:sun:jre:1.5.0:update7
  • Sun JRE 1.5.0_6 (JRE 5.0 Update 6)
    cpe:2.3:a:sun:jre:1.5.0:update6
  • Sun JRE 1.5.0_5 (JRE 5.0 Update 5)
    cpe:2.3:a:sun:jre:1.5.0:update5
  • Sun JRE 1.5.0_4 (JRE 5.0 Update 4)
    cpe:2.3:a:sun:jre:1.5.0:update4
  • Sun JRE 1.5.0_3 (JRE 5.0 Update 3)
    cpe:2.3:a:sun:jre:1.5.0:update3
  • Sun JRE 1.5.0_2 (JRE 5.0 Update 2)
    cpe:2.3:a:sun:jre:1.5.0:update2
  • Sun JRE 1.5.0_1 (JRE 5.0 Update 1)
    cpe:2.3:a:sun:jre:1.5.0:update1
  • Sun JRE 1.5.0
    cpe:2.3:a:sun:jre:1.5.0
  • Oracle JRE 1.5.0_40 (Update 40)
    cpe:2.3:a:oracle:jre:1.5.0:update_40
  • Oracle JRE 1.5.0_39 (Update 39)
    cpe:2.3:a:oracle:jre:1.5.0:update_39
  • Oracle JRE 1.5.0_41 (Update 41)
    cpe:2.3:a:oracle:jre:1.5.0:update_41
  • Oracle JRE 1.5.0_45 (Update 45)
    cpe:2.3:a:oracle:jre:1.5.0:update_45
  • Oracle JDK 1.5.0 Update 38
    cpe:2.3:a:oracle:jdk:1.5.0:update_38
  • Oracle JDK 1.5.0 Update 36
    cpe:2.3:a:oracle:jdk:1.5.0:update_36
  • Sun JDK 1.5.0_33 (JDK 5.0 Update 33)
    cpe:2.3:a:sun:jdk:1.5.0:update33
  • Sun JDK 5.0 Update 31
    cpe:2.3:a:sun:jdk:1.5.0:update31
  • Sun JDK 5.0 Update 29
    cpe:2.3:a:sun:jdk:1.5.0:update29
  • Sun JDK 5.0 Update 28
    cpe:2.3:a:sun:jdk:1.5.0:update28
  • Sun JDK 5.0 Update 27
    cpe:2.3:a:sun:jdk:1.5.0:update27
  • Sun JDK 5.0 Update 26
    cpe:2.3:a:sun:jdk:1.5.0:update26
  • Sun JDK 5.0 Update 25
    cpe:2.3:a:sun:jdk:1.5.0:update25
  • Sun JDK 5.0 Update 24
    cpe:2.3:a:sun:jdk:1.5.0:update24
  • Sun JDK 5.0 Update 23
    cpe:2.3:a:sun:jdk:1.5.0:update23
  • Sun JDK 5.0 Update 22
    cpe:2.3:a:sun:jdk:1.5.0:update22
  • Sun JDK 5.0 Update 21
    cpe:2.3:a:sun:jdk:1.5.0:update21
  • Sun JDK 5.0 Update 20
    cpe:2.3:a:sun:jdk:1.5.0:update20
  • Sun JDK 5.0 Update 19
    cpe:2.3:a:sun:jdk:1.5.0:update19
  • Sun JDK 5.0 Update 18
    cpe:2.3:a:sun:jdk:1.5.0:update18
  • Sun JDK 5.0 Update 17
    cpe:2.3:a:sun:jdk:1.5.0:update17
  • Sun JDK 5.0 Update 16
    cpe:2.3:a:sun:jdk:1.5.0:update16
  • Sun JDK 5.0 Update 15
    cpe:2.3:a:sun:jdk:1.5.0:update15
  • Sun JDK 5.0 Update 14
    cpe:2.3:a:sun:jdk:1.5.0:update14
  • Sun JDK 5.0 Update 13
    cpe:2.3:a:sun:jdk:1.5.0:update13
  • Sun JDK 5.0 Update12
    cpe:2.3:a:sun:jdk:1.5.0:update12
  • Sun JDK 1.5.0_11 b03
    cpe:2.3:a:sun:jdk:1.5.0:update11_b03
  • Sun JDK 5.0 Update11
    cpe:2.3:a:sun:jdk:1.5.0:update11
  • Sun JDK 5.0 Update10
    cpe:2.3:a:sun:jdk:1.5.0:update10
  • Sun JDK 5.0 Update9
    cpe:2.3:a:sun:jdk:1.5.0:update9
  • Sun JDK 5.0 Update8
    cpe:2.3:a:sun:jdk:1.5.0:update8
  • Sun JDK 1.5 _07-b03
    cpe:2.3:a:sun:jdk:1.5.0:update7_b03
  • Sun JDK 5.0 Update7
    cpe:2.3:a:sun:jdk:1.5.0:update7
  • Sun JDK 1.5.0_6
    cpe:2.3:a:sun:jdk:1.5.0:update6
  • Sun JDK 5.0 Update5
    cpe:2.3:a:sun:jdk:1.5.0:update5
  • Sun JDK 5.0 Update4
    cpe:2.3:a:sun:jdk:1.5.0:update4
  • Sun JDK 5.0 Update3
    cpe:2.3:a:sun:jdk:1.5.0:update3
  • Sun JDK 5.0 Update2
    cpe:2.3:a:sun:jdk:1.5.0:update2
  • Sun JDK 5.0 Update1
    cpe:2.3:a:sun:jdk:1.5.0:update1
  • Sun JDK 1.5.0
    cpe:2.3:a:sun:jdk:1.5.0
  • Oracle JDK 1.5.0 Update 40
    cpe:2.3:a:oracle:jdk:1.5.0:update_40
  • Oracle JDK 1.5.0 Update 39
    cpe:2.3:a:oracle:jdk:1.5.0:update_39
  • Oracle JDK 1.5.0 Update 41
    cpe:2.3:a:oracle:jdk:1.5.0:update_41
  • Oracle JDK 1.5.0 Update 45
    cpe:2.3:a:oracle:jdk:1.5.0:update_45
CVSS
Base: 6.9 (as of 19-06-2013 - 14:46)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201401-30.NASL
    description The remote host is affected by the vulnerability described in GLSA-201401-30 (Oracle JRE/JDK: Multiple vulnerabilities) Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Impact : An unauthenticated, remote attacker could exploit these vulnerabilities to execute arbitrary code. Furthermore, a local or remote attacker could exploit these vulnerabilities to cause unspecified impact, possibly including remote execution of arbitrary code. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-01-03
    plugin id 72139
    published 2014-01-27
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=72139
    title GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT)
  • NASL family Windows
    NASL id LOTUS_DOMINO_9_0_1.NASL
    description The remote host has a version of IBM Domino (formerly Lotus Domino) 9.x prior to 9.0.1 installed. It is, therefore, reportedly affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of IBM JRE that contains numerous security issues. (CVE-2013-0809, CVE-2013-1493, CVE-2013-2436, CVE-2013-2455, CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, CVE-2013-3012) - An input validation error exists related to handling content in email messages that could allow cross-site scripting attacks. (CVE-2013-4063) - An input validation error exists related to iNotes when running in 'ultra-light' mode that could allow cross- site scripting attacks. (CVE-2013-4064) - An input validation error exists related to handling content in email messages and iNotes when running in 'ultra-light' mode that could allow cross-site scripting attacks. (CVE-2013-4065) - Note that fixes in the Oracle Java CPUs for February, April and June 2013 are included in the fixed IBM Java release, which is included in the fixed IBM Domino release. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0401, CVE-2013-0402, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1488, CVE-2013-1489, CVE-2013-1491, CVE-2013-1500, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561, CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427, CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2437, CVE-2013-2438, CVE-2013-2439, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2467, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743, CVE-2013-3744, CVE-2013-4002)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 71861
    published 2014-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71861
    title IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (credentialed check)
  • NASL family Misc.
    NASL id DOMINO_8_5_3FP5.NASL
    description According to its banner, the version of IBM Domino (formerly IBM Lotus Domino) on the remote host is 8.5.x earlier than 8.5.3 FP5. It is, therefore, affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of the IBM JRE that contains numerous security issues. (CVE-2013-0809, CVE-2013-1493, CVE-2013-2436, CVE-2013-2455, CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, CVE-2013-3012) - Note also that fixes in the Oracle Java CPUs for February, April and June 2013 are included in the fixed IBM Java release, which is included in the fixed IBM Domino release. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0401, CVE-2013-0402, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1488, CVE-2013-1489, CVE-2013-1491, CVE-2013-1500, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561, CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427, CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2437, CVE-2013-2438, CVE-2013-2439, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2467, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743, CVE-2013-3744, CVE-2013-4002)
    last seen 2019-02-21
    modified 2018-07-10
    plugin id 70742
    published 2013-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70742
    title IBM Domino 8.5.x < 8.5.3 FP 5 Multiple Vulnerabilities
  • NASL family Misc.
    NASL id VMWARE_ESX_VMSA-2013-0012_REMOTE.NASL
    description The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by a denial of service vulnerability in hostd-vmdb. A remote attacker can exploit this to cause a denial of service condition. Additionally, multiple vulnerabilities, including remote code execution vulnerabilities, exist in multiple Java Runtime Environment (JRE) components : - 2D - AWT - CORBA - Deployment - Hotspot - Install - JDBC - JMX - Libraries - Networking - Serialization - Serviceability - Sound
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 89668
    published 2016-03-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=89668
    title VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2013-0012) (remote check)
  • NASL family Misc.
    NASL id DOMINO_9_0_1.NASL
    description According to its banner, the version of IBM Domino (formerly IBM Lotus Domino) on the remote host is 9.x earlier than 9.0.1. It is, therefore, affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of IBM JRE that contains numerous security issues. (CVE-2013-0809, CVE-2013-1493, CVE-2013-2436, CVE-2013-2455, CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, CVE-2013-3012) - An input validation error exists related to handling content in email messages that could allow cross-site scripting attacks. (CVE-2013-4063) - An input validation error exists related to iNotes when running in 'ultra-light' mode that could allow cross- site scripting attacks. (CVE-2013-4064) - An input validation error exists related to handling content in email messages and iNotes when running in 'ultra-light' mode that could allow cross-site scripting attacks. (CVE-2013-4065) - Note that fixes in the Oracle Java CPUs for February, April and June 2013 are included in the fixed IBM Java release, which is included in the fixed IBM Domino release. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0401, CVE-2013-0402, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1488, CVE-2013-1489, CVE-2013-1491, CVE-2013-1500, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561, CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427, CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2437, CVE-2013-2438, CVE-2013-2439, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2467, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743, CVE-2013-3744, CVE-2013-4002)
    last seen 2019-02-21
    modified 2018-07-10
    plugin id 71859
    published 2014-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71859
    title IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (uncredentialed check)
  • NASL family Windows
    NASL id LOTUS_DOMINO_8_5_3_FP5.NASL
    description The remote host has a version of IBM Domino (formerly Lotus Domino) 8.5.x prior to 8.5.3 Fix Pack 5 installed. It is, therefore, reportedly affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of the IBM JRE that contains numerous security issues. (CVE-2013-0809, CVE-2013-1493, CVE-2013-2436, CVE-2013-2455, CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, CVE-2013-3012) - Note also that fixes in the Oracle Java CPUs for February, April and June 2013 are included in the fixed IBM Java release, which is itself included in the fixed IBM Domino release. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0401, CVE-2013-0402, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1488, CVE-2013-1489, CVE-2013-1491, CVE-2013-1500, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561, CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427, CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2437, CVE-2013-2438, CVE-2013-2439, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2467, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743, CVE-2013-3744, CVE-2013-4002)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 70743
    published 2013-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70743
    title IBM Domino 8.5.x < 8.5.3 FP5 Multiple Vulnerabilities
  • NASL family Windows
    NASL id ORACLE_JAVA_CPU_JUN_2013.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than or equal to 7 Update 21, 6 Update 45 or 5 Update 45. It is, therefore, potentially affected by security issues in the following components : - 2D - AWT - CORBA - Deployment - Hotspot - Install - JDBC - JMX - Libraries - Networking - Serialization - Serviceability - Sound
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 66932
    published 2013-06-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=66932
    title Oracle Java SE Multiple Vulnerabilities (June 2013 CPU)
  • NASL family Windows
    NASL id LOTUS_NOTES_8_5_3_FP5.NASL
    description The remote host has a version of IBM Notes (formerly Lotus Notes) 8.5.x prior to 8.5.3 Fix Pack 5 installed. It is, therefore, reportedly affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of the IBM JRE that contains numerous security issues. (CVE-2013-0809, CVE-2013-1493, CVE-2013-2436, CVE-2013-2455, CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, CVE-2013-3012) - Note also that fixes in the Oracle Java CPUs for February, April and June 2013 are included in the fixed IBM Java release, which is included in the fixed IBM Notes release. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0401, CVE-2013-0402, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1488, CVE-2013-1489, CVE-2013-1491, CVE-2013-1500, CVE-2013-151