ID CVE-2013-0426
Summary Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions. Per http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html "Applies to client deployment of Java only. This vulnerability can be exploited only through untrusted Java Web Start applications and untrusted Java applets. (Untrusted Java Web Start applications and untrusted applets run in the Java sandbox with limited privileges.)"
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_22:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_22:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_23:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_23:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_24:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_24:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_25:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_25:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_26:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_26:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_27:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_27:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_29:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_29:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_30:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_30:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_31:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_31:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_32:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_32:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_33:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_33:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_34:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_34:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_35:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_35:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_37:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_37:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_38:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_38:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_22:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_22:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_23:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_23:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_24:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_24:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_25:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_25:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_26:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_26:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_27:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_27:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_29:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_29:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_30:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_30:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_31:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_31:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_32:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_32:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_33:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_33:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_34:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_34:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_35:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_35:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_37:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_37:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_38:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_38:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.5.0:update_36:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.5.0:update_36:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.5.0:update_38:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.5.0:update_38:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.5.0:update_36:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.5.0:update_36:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.5.0:update_38:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.5.0:update_38:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.4.2_38:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.4.2_38:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:-:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:-:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.4.2_40:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.4.2_40:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_25:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_25:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_26:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_26:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_27:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_27:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_28:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_28:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_29:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_29:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_30:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_30:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_31:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_31:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_32:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_32:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_33:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_33:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_34:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_34:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_35:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_35:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_36:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_36:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jre:1.4.2_37:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jre:1.4.2_37:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.4.2_38:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.4.2_38:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.4.2_40:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.4.2_40:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_1:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_1:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_2:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_2:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_3:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_3:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_4:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_4:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_5:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_5:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_6:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_6:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_7:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_7:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_8:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_8:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_9:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_9:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_10:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_10:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_11:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_11:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_12:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_12:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_13:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_13:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_14:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_14:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_15:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_15:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_16:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_16:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_17:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_17:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_18:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_18:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_19:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_19:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_22:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_22:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_23:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_23:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_25:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_25:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_26:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_26:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_27:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_27:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_28:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_28:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_29:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_29:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_30:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_30:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_31:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_31:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_32:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_32:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_33:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_33:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_34:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_34:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_35:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_35:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_36:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_36:*:*:*:*:*:*:*
  • cpe:2.3:a:sun:jdk:1.4.2_37:*:*:*:*:*:*:*
    cpe:2.3:a:sun:jdk:1.4.2_37:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 19-09-2017 - 01:35)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
oval via4
  • accepted 2015-03-23T04:00:48.383-04:00
    class vulnerability
    contributors
    • name Sergey Artykhov
      organization ALTX-SOFT
    • name Maria Mikhno
      organization ALTX-SOFT
    definition_extensions
    • comment Java SE Runtime Environment 4 is installed
      oval oval:org.mitre.oval:def:16482
    • comment Java SE Runtime Environment 5 is installed
      oval oval:org.mitre.oval:def:15748
    • comment Java SE Runtime Environment 6 is installed
      oval oval:org.mitre.oval:def:16362
    • comment Java SE Runtime Environment 7 is installed
      oval oval:org.mitre.oval:def:16050
    description Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
    family windows
    id oval:org.mitre.oval:def:15888
    status accepted
    submitted 2013-04-22T10:26:26.748+04:00
    title Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE (subcomponent: Libraries) 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
    version 9
  • accepted 2015-04-20T04:01:02.066-04:00
    class vulnerability
    contributors
    • name Ganesh Manal
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Prashant Kumar
      organization Hewlett-Packard
    • name Mike Cokus
      organization The MITRE Corporation
    description Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
    family unix
    id oval:org.mitre.oval:def:19261
    status accepted
    submitted 2013-11-22T11:43:28.000-05:00
    title HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
    version 45
  • accepted 2015-04-20T04:01:20.497-04:00
    class vulnerability
    contributors
    • name Ganesh Manal
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Prashant Kumar
      organization Hewlett-Packard
    • name Mike Cokus
      organization The MITRE Corporation
    description Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
    family unix
    id oval:org.mitre.oval:def:19471
    status accepted
    submitted 2013-11-22T11:43:28.000-05:00
    title HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
    version 46
  • accepted 2015-04-20T04:01:22.241-04:00
    class vulnerability
    contributors
    • name Ganesh Manal
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Sushant Kumar Singh
      organization Hewlett-Packard
    • name Prashant Kumar
      organization Hewlett-Packard
    • name Mike Cokus
      organization The MITRE Corporation
    description Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-0425 and CVE-2013-0428. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "access control checks" in the logging API that allow remote attackers to bypass Java sandbox restrictions.
    family unix
    id oval:org.mitre.oval:def:19484
    status accepted
    submitted 2013-11-22T11:43:28.000-05:00
    title HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
    version 46
redhat via4
advisories
  • rhsa
    id RHSA-2013:0236
  • rhsa
    id RHSA-2013:0237
  • rhsa
    id RHSA-2013:0245
  • rhsa
    id RHSA-2013:0246
  • rhsa
    id RHSA-2013:0247
  • rhsa
    id RHSA-2013:1455
  • rhsa
    id RHSA-2013:1456
rpms
  • java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3
  • java-1.6.0-openjdk-demo-1:1.6.0.0-1.54.1.11.6.el6_3
  • java-1.6.0-openjdk-devel-1:1.6.0.0-1.54.1.11.6.el6_3
  • java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.54.1.11.6.el6_3
  • java-1.6.0-openjdk-src-1:1.6.0.0-1.54.1.11.6.el6_3
  • java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9
  • java-1.6.0-openjdk-demo-1:1.6.0.0-1.33.1.11.6.el5_9
  • java-1.6.0-openjdk-devel-1:1.6.0.0-1.33.1.11.6.el5_9
  • java-1.6.0-openjdk-javadoc-1:1.6.0.0-1.33.1.11.6.el5_9
  • java-1.6.0-openjdk-src-1:1.6.0.0-1.33.1.11.6.el5_9
  • java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3
  • java-1.7.0-openjdk-demo-1:1.7.0.9-2.3.5.3.el6_3
  • java-1.7.0-openjdk-devel-1:1.7.0.9-2.3.5.3.el6_3
  • java-1.7.0-openjdk-javadoc-1:1.7.0.9-2.3.5.3.el6_3
  • java-1.7.0-openjdk-src-1:1.7.0.9-2.3.5.3.el6_3
  • java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9
  • java-1.7.0-openjdk-demo-1:1.7.0.9-2.3.5.3.el5_9
  • java-1.7.0-openjdk-devel-1:1.7.0.9-2.3.5.3.el5_9
  • java-1.7.0-openjdk-javadoc-1:1.7.0.9-2.3.5.3.el5_9
  • java-1.7.0-openjdk-src-1:1.7.0.9-2.3.5.3.el5_9
refmap via4
bid 57711
cert TA13-032A
cert-vn VU#858729
confirm
gentoo GLSA-201406-32
hp
  • HPSBMU02874
  • HPSBUX02857
  • HPSBUX02864
  • SSRT101103
  • SSRT101156
  • SSRT101184
mandriva MDVSA-2013:095
suse
  • SUSE-SU-2013:0478
  • openSUSE-SU-2013:0312
  • openSUSE-SU-2013:0377
Last major update 19-09-2017 - 01:35
Published 02-02-2013 - 00:55
Back to Top