ID CVE-2013-3012
Summary Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011.
References
Vulnerable Configurations
  • IBM Java 5.0.0.0
    cpe:2.3:a:ibm:java:5.0.0.0
  • IBM Java 5.0.11.0 Service Refresh 11
    cpe:2.3:a:ibm:java:5.0.11.0
  • IBM Java 5.0.11.1 Service Refresh 11 (FixPack 1)
    cpe:2.3:a:ibm:java:5.0.11.1
  • IBM Java 5.0.11.2 Service Refresh 11 (FixPack 2)
    cpe:2.3:a:ibm:java:5.0.11.2
  • IBM Java 5.0.12.0 Service Refresh 12
    cpe:2.3:a:ibm:java:5.0.12.0
  • IBM Java 5.0.12.1 Service Refresh 12 (FixPack 1)
    cpe:2.3:a:ibm:java:5.0.12.1
  • IBM Java 5.0.12.2 Service Refresh 12 (FixPack 2)
    cpe:2.3:a:ibm:java:5.0.12.2
  • IBM Java 5.0.12.3 Service Refresh 12 (FixPack 3)
    cpe:2.3:a:ibm:java:5.0.12.3
  • IBM Java 5.0.12.4 Service Refresh 12 (FixPack 4)
    cpe:2.3:a:ibm:java:5.0.12.4
  • IBM Java 5.0.12.5 Service Refresh 12 (FixPack 5)
    cpe:2.3:a:ibm:java:5.0.12.5
  • IBM Java 5.0.13.0 Service Refresh 13
    cpe:2.3:a:ibm:java:5.0.13.0
  • IBM Java 5.0.14.0 Service Refresh 14
    cpe:2.3:a:ibm:java:5.0.14.0
  • IBM Java 5.0.15.0 Service Refresh 15
    cpe:2.3:a:ibm:java:5.0.15.0
  • IBM Java 5.0.16.0 Service Refresh 16
    cpe:2.3:a:ibm:java:5.0.16.0
  • IBM Java 5.0.16.1 Service Refresh 16 (Fix Pack 1)
    cpe:2.3:a:ibm:java:5.0.16.1
  • IBM Java 5.0.16.2 Service Refresh 16 (Fix Pack 2)
    cpe:2.3:a:ibm:java:5.0.16.2
  • IBM Java 6.0.0.0
    cpe:2.3:a:ibm:java:6.0.0.0
  • IBM Java 6.0.1.0 Service Refresh 1
    cpe:2.3:a:ibm:java:6.0.1.0
  • IBM Java 6.0.2.0 Service Refresh 2
    cpe:2.3:a:ibm:java:6.0.2.0
  • IBM Java 6.0.3.0 Service Refresh 3
    cpe:2.3:a:ibm:java:6.0.3.0
  • IBM Java 6.0.4.0 Service Refresh 4
    cpe:2.3:a:ibm:java:6.0.4.0
  • IBM Java 6.0.5.0 Service Refresh 5
    cpe:2.3:a:ibm:java:6.0.5.0
  • IBM Java 6.0.6.0 Service Refresh 6
    cpe:2.3:a:ibm:java:6.0.6.0
  • IBM Java 6.0.7.0 Service Refresh 7
    cpe:2.3:a:ibm:java:6.0.7.0
  • IBM Java 6.0.8.0 Service Refresh 8
    cpe:2.3:a:ibm:java:6.0.8.0
  • IBM Java 6.0.8.1 Service Refresh 8 (FixPack 1)
    cpe:2.3:a:ibm:java:6.0.8.1
  • IBM Java 6.0.9.0 Service Refresh 9
    cpe:2.3:a:ibm:java:6.0.9.0
  • IBM Java 6.0.9.1 Service Refresh 9 (FixPack 1)
    cpe:2.3:a:ibm:java:6.0.9.1
  • IBM Java 6.0.9.2 Service Refresh 9 (FixPack 2)
    cpe:2.3:a:ibm:java:6.0.9.2
  • IBM Java 6.0.10.0 Service Refresh 10
    cpe:2.3:a:ibm:java:6.0.10.0
  • IBM Java 6.0.10.1 Service Refresh 10 (FixPack 1)
    cpe:2.3:a:ibm:java:6.0.10.1
  • IBM Java 6.0.11.0 Service Refresh 11
    cpe:2.3:a:ibm:java:6.0.11.0
  • IBM Java 6.0.12.0 Service Refresh 12
    cpe:2.3:a:ibm:java:6.0.12.0
  • IBM Java 6.0.13.0 Service Refresh 13
    cpe:2.3:a:ibm:java:6.0.13.0
  • IBM Java 6.0.13.1 Service Refresh 13 (Fix Pack 1)
    cpe:2.3:a:ibm:java:6.0.13.1
  • IBM Java 6.0.13.2 Service Refresh 13 (Fix Pack 2)
    cpe:2.3:a:ibm:java:6.0.13.2
  • IBM Java 7.0.0.0
    cpe:2.3:a:ibm:java:7.0.0.0
  • IBM Java 7.0.1.0 Service Refresh 1
    cpe:2.3:a:ibm:java:7.0.1.0
  • IBM Java 7.0.2.0 Service Refresh 2
    cpe:2.3:a:ibm:java:7.0.2.0
  • IBM Java 7.0.3.0 Service Refresh 3
    cpe:2.3:a:ibm:java:7.0.3.0
  • IBM Java 7.0.4.0 Service Refresh 4
    cpe:2.3:a:ibm:java:7.0.4.0
  • IBM Java 7.0.4.1 Service Refresh 4 (Fix Pack 1)
    cpe:2.3:a:ibm:java:7.0.4.1
  • IBM Java 7.0.4.2 Service Refresh 4 (Fix Pack 2)
    cpe:2.3:a:ibm:java:7.0.4.2
  • IBM Java 1.4.2
    cpe:2.3:a:ibm:java:1.4.2
  • IBM Java 1.4.2.13 Service Refresh 13
    cpe:2.3:a:ibm:java:1.4.2.13
  • IBM Java 1.4.2.13.1 Service Refresh 13 (FixPack 1)
    cpe:2.3:a:ibm:java:1.4.2.13.1
  • IBM Java 1.4.2.13.2 Service Refresh 13 (FixPack 2)
    cpe:2.3:a:ibm:java:1.4.2.13.2
  • IBM Java 1.4.2.13.3 Service Refresh 13 (FixPack 3)
    cpe:2.3:a:ibm:java:1.4.2.13.3
  • IBM Java 1.4.2.13.4 Service Refresh 13 (FixPack 4)
    cpe:2.3:a:ibm:java:1.4.2.13.4
  • IBM Java 1.4.2.13.5 Service Refresh 13 (FixPack 5)
    cpe:2.3:a:ibm:java:1.4.2.13.5
  • IBM Java 1.4.2.13.6 Service Refresh 13 (FixPack 6)
    cpe:2.3:a:ibm:java:1.4.2.13.6
  • IBM Java 1.4.2.13.7 Service Refresh 13 (FixPack 7)
    cpe:2.3:a:ibm:java:1.4.2.13.7
  • IBM Java 1.4.2.13.8 Service Refresh 13 (FixPack 8)
    cpe:2.3:a:ibm:java:1.4.2.13.8
  • IBM Java 1.4.2.13.9 Service Refresh 13 (FixPack 9)
    cpe:2.3:a:ibm:java:1.4.2.13.9
  • IBM Java 1.4.2.13.10 Service Refresh 13 (FixPack 10)
    cpe:2.3:a:ibm:java:1.4.2.13.10
  • IBM Java 1.4.2.13.11 Service Refresh 13 (FixPack 11)
    cpe:2.3:a:ibm:java:1.4.2.13.11
  • IBM Java 1.4.2.13.12 Service Refresh 13 (FixPack 12)
    cpe:2.3:a:ibm:java:1.4.2.13.12
  • IBM Java 1.4.2.13.13 Service Refresh 13 (FixPack 13)
    cpe:2.3:a:ibm:java:1.4.2.13.13
  • IBM Java 1.4.2.13.14 Service Refresh 13 (FixPack 14)
    cpe:2.3:a:ibm:java:1.4.2.13.14
  • IBM Java 1.4.2.13.15 Service Refresh 13 (FixPack 15)
    cpe:2.3:a:ibm:java:1.4.2.13.15
  • IBM Java 1.4.2.13.16 Service Refresh 13 (FixPack 16)
    cpe:2.3:a:ibm:java:1.4.2.13.16
  • IBM Java 1.4.2.13.17 Service Refresh 13 (FixPack 17)
    cpe:2.3:a:ibm:java:1.4.2.13.17
CVSS
Base: 9.3 (as of 23-07-2013 - 13:00)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Windows
    NASL id LOTUS_DOMINO_9_0_1.NASL
    description The remote host has a version of IBM Domino (formerly Lotus Domino) 9.x prior to 9.0.1 installed. It is, therefore, reportedly affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of IBM JRE that contains numerous security issues. (CVE-2013-0809, CVE-2013-1493, CVE-2013-2436, CVE-2013-2455, CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, CVE-2013-3012) - An input validation error exists related to handling content in email messages that could allow cross-site scripting attacks. (CVE-2013-4063) - An input validation error exists related to iNotes when running in 'ultra-light' mode that could allow cross- site scripting attacks. (CVE-2013-4064) - An input validation error exists related to handling content in email messages and iNotes when running in 'ultra-light' mode that could allow cross-site scripting attacks. (CVE-2013-4065) - Note that fixes in the Oracle Java CPUs for February, April and June 2013 are included in the fixed IBM Java release, which is included in the fixed IBM Domino release. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0401, CVE-2013-0402, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1488, CVE-2013-1489, CVE-2013-1491, CVE-2013-1500, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561, CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427, CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2437, CVE-2013-2438, CVE-2013-2439, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2467, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743, CVE-2013-3744, CVE-2013-4002)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 71861
    published 2014-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71861
    title IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (credentialed check)
  • NASL family Misc.
    NASL id DOMINO_8_5_3FP5.NASL
    description According to its banner, the version of IBM Domino (formerly IBM Lotus Domino) on the remote host is 8.5.x earlier than 8.5.3 FP5. It is, therefore, affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of the IBM JRE that contains numerous security issues. (CVE-2013-0809, CVE-2013-1493, CVE-2013-2436, CVE-2013-2455, CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, CVE-2013-3012) - Note also that fixes in the Oracle Java CPUs for February, April and June 2013 are included in the fixed IBM Java release, which is included in the fixed IBM Domino release. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0401, CVE-2013-0402, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1488, CVE-2013-1489, CVE-2013-1491, CVE-2013-1500, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561, CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427, CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2437, CVE-2013-2438, CVE-2013-2439, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2467, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743, CVE-2013-3744, CVE-2013-4002)
    last seen 2019-02-21
    modified 2018-07-10
    plugin id 70742
    published 2013-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70742
    title IBM Domino 8.5.x < 8.5.3 FP 5 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2013-1256-1.NASL
    description IBM Java 1.7.0 has been updated to SR5 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed : - add Europe/Busingen to tzmappings (bnc#817062) - mark files in jre/bin and bin/ as executable (bnc#823034) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-31
    plugin id 83595
    published 2015-05-20
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=83595
    title SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2013:1256-1)
  • NASL family Misc.
    NASL id DOMINO_9_0_1.NASL
    description According to its banner, the version of IBM Domino (formerly IBM Lotus Domino) on the remote host is 9.x earlier than 9.0.1. It is, therefore, affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of IBM JRE that contains numerous security issues. (CVE-2013-0809, CVE-2013-1493, CVE-2013-2436, CVE-2013-2455, CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, CVE-2013-3012) - An input validation error exists related to handling content in email messages that could allow cross-site scripting attacks. (CVE-2013-4063) - An input validation error exists related to iNotes when running in 'ultra-light' mode that could allow cross- site scripting attacks. (CVE-2013-4064) - An input validation error exists related to handling content in email messages and iNotes when running in 'ultra-light' mode that could allow cross-site scripting attacks. (CVE-2013-4065) - Note that fixes in the Oracle Java CPUs for February, April and June 2013 are included in the fixed IBM Java release, which is included in the fixed IBM Domino release. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0401, CVE-2013-0402, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1488, CVE-2013-1489, CVE-2013-1491, CVE-2013-1500, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561, CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427, CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2437, CVE-2013-2438, CVE-2013-2439, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2467, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743, CVE-2013-3744, CVE-2013-4002)
    last seen 2019-02-21
    modified 2018-07-10
    plugin id 71859
    published 2014-01-08
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=71859
    title IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (uncredentialed check)
  • NASL family Windows
    NASL id LOTUS_DOMINO_8_5_3_FP5.NASL
    description The remote host has a version of IBM Domino (formerly Lotus Domino) 8.5.x prior to 8.5.3 Fix Pack 5 installed. It is, therefore, reportedly affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of the IBM JRE that contains numerous security issues. (CVE-2013-0809, CVE-2013-1493, CVE-2013-2436, CVE-2013-2455, CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, CVE-2013-3012) - Note also that fixes in the Oracle Java CPUs for February, April and June 2013 are included in the fixed IBM Java release, which is itself included in the fixed IBM Domino release. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0401, CVE-2013-0402, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1488, CVE-2013-1489, CVE-2013-1491, CVE-2013-1500, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561, CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427, CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2437, CVE-2013-2438, CVE-2013-2439, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2467, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743, CVE-2013-3744, CVE-2013-4002)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 70743
    published 2013-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70743
    title IBM Domino 8.5.x < 8.5.3 FP5 Multiple Vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAVA-1_4_2-IBM-130723.NASL
    description IBM Java 1.4.2 was updated to SR13-FP18 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bug has been fixed : - mark files in jre/bin and bin/ as executable (bnc#823034)
    last seen 2019-02-21
    modified 2013-11-18
    plugin id 69090
    published 2013-07-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69090
    title SuSE 11.2 Security Update : java-1_4_2-ibm (SAT Patch Number 8109)
  • NASL family Windows
    NASL id LOTUS_NOTES_8_5_3_FP5.NASL
    description The remote host has a version of IBM Notes (formerly Lotus Notes) 8.5.x prior to 8.5.3 Fix Pack 5 installed. It is, therefore, reportedly affected by the following vulnerabilities : - The included version of the IBM Java SDK contains a version of the IBM JRE that contains numerous security issues. (CVE-2013-0809, CVE-2013-1493, CVE-2013-2436, CVE-2013-2455, CVE-2013-3006, CVE-2013-3007, CVE-2013-3008, CVE-2013-3009, CVE-2013-3010, CVE-2013-3011, CVE-2013-3012) - Note also that fixes in the Oracle Java CPUs for February, April and June 2013 are included in the fixed IBM Java release, which is included in the fixed IBM Notes release. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0401, CVE-2013-0402, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0431, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0444, CVE-2013-0445, CVE-2013-0446, CVE-2013-0448, CVE-2013-0449, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1479, CVE-2013-1480, CVE-2013-1481, CVE-2013-1488, CVE-2013-1489, CVE-2013-1491, CVE-2013-1500, CVE-2013-1518, CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561, CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-1571, CVE-2013-2383, CVE-2013-2384, CVE-2013-2394, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417, CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422, CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427, CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432, CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2437, CVE-2013-2438, CVE-2013-2439, CVE-2013-2440, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2467, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743, CVE-2013-3744, CVE-2013-4002)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 70744
    published 2013-11-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=70744
    title IBM Notes 8.5.x < 8.5.3 FP5 Multiple Vulnerabilities
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1081.NASL
    description Updated java-1.5.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2013-1500, CVE-2013-1571, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2452, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Red Hat would like to thank Tim Brown for reporting CVE-2013-1500, and US-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the original reporter of CVE-2013-1571. All users of java-1.5.0-ibm are advised to upgrade to these updated packages, containing the IBM J2SE 5.0 SR16-FP3 release. All running instances of IBM Java must be restarted for this update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 68922
    published 2013-07-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68922
    title RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2013:1081)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1060.NASL
    description Updated java-1.7.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2013-1500, CVE-2013-1571, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2437, CVE-2013-2442, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3744) Red Hat would like to thank Tim Brown for reporting CVE-2013-1500, and US-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the original reporter of CVE-2013-1571. All users of java-1.7.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 7 SR5 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 68901
    published 2013-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68901
    title RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2013:1060)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAVA-1_6_0-IBM-130723.NASL
    description IBM Java 1.6.0 has been updated to SR14 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed : - add Europe/Busingen to tzmappings. (bnc#817062) - mark files in jre/bin and bin/ as executable (bnc#823034)
    last seen 2019-02-21
    modified 2013-11-18
    plugin id 69069
    published 2013-07-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69069
    title SuSE 11.2 / 11.3 Security Update : java-1_6_0-ibm (SAT Patch Numbers 8105 / 8107)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_11_JAVA-1_7_0-IBM-130723.NASL
    description IBM Java 1.7.0 has been updated to SR5 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed : - add Europe/Busingen to tzmappings. (bnc#817062) - mark files in jre/bin and bin/ as executable (bnc#823034)
    last seen 2019-02-21
    modified 2013-11-18
    plugin id 69070
    published 2013-07-26
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=69070
    title SuSE 11.2 / 11.3 Security Update : java-1_7_0-ibm (SAT Patch Numbers 8106 / 8108)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2013-1059.NASL
    description Updated java-1.6.0-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Detailed vulnerability descriptions are linked from the IBM Security alerts page, listed in the References section. (CVE-2013-1500, CVE-2013-1571, CVE-2013-2407, CVE-2013-2412, CVE-2013-2437, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2459, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Red Hat would like to thank Tim Brown for reporting CVE-2013-1500, and US-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the original reporter of CVE-2013-1571. All users of java-1.6.0-ibm are advised to upgrade to these updated packages, containing the IBM Java SE 6 SR14 release. All running instances of IBM Java must be restarted for the update to take effect.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 68900
    published 2013-07-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=68900
    title RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2013:1059)
redhat via4
advisories
  • rhsa
    id RHSA-2013:1059
  • rhsa
    id RHSA-2013:1060
  • rhsa
    id RHSA-2013:1081
refmap via4
aixapar
  • IV44796
  • IV44797
  • IV44798
  • PM91730
confirm
secunia 54154
suse
  • SUSE-SU-2013:1255
  • SUSE-SU-2013:1256
  • SUSE-SU-2013:1257
  • SUSE-SU-2013:1263
  • SUSE-SU-2013:1264
  • SUSE-SU-2013:1293
  • SUSE-SU-2013:1305
xf ibm-java-cve20133012(84153)
Last major update 30-01-2014 - 00:11
Published 23-07-2013 - 07:03
Last modified 28-11-2017 - 21:29
Back to Top