Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2013-2425
Vulnerability from cvelistv5
Published
2013-04-17 15:00
Modified
2024-08-06 15:36
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T15:36:46.383Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "oval:org.mitre.oval:def:16471", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16471" }, { "name": "TA13-107A", "tags": [ "third-party-advisory", "x_refsource_CERT", "x_transferred" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-107A" }, { "name": "RHSA-2013:0757", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-04-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "oval:org.mitre.oval:def:16471", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16471" }, { "name": "TA13-107A", "tags": [ "third-party-advisory", "x_refsource_CERT" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-107A" }, { "name": "RHSA-2013:0757", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2013-2425", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:16471", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16471" }, { "name": "TA13-107A", "refsource": "CERT", "url": "http://www.us-cert.gov/ncas/alerts/TA13-107A" }, { "name": "RHSA-2013:0757", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2013-2425", "datePublished": "2013-04-17T15:00:00", "dateReserved": "2013-03-05T00:00:00", "dateUpdated": "2024-08-06T15:36:46.383Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2013-2425\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2013-04-17T18:55:07.160\",\"lastModified\":\"2024-11-21T01:51:41.680\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el entorno de ejecuci\u00f3n de Java (JRE) en el componente Oracle Java SE 7 Update 17 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con la instalaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:*:update17:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.7.0\",\"matchCriteriaId\":\"9CBAECF5-3BFA-425A-A43F-8AEC3489A70F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C27372B-A091-46D5-AE39-A44BBB1D9EE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4B153FD-E20B-4909-8B10-884E48F5B590\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"F21933FB-A27C-4AF3-9811-2DE28484A5A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"5831D70B-3854-4CB8-B88D-40F1743DAEE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA302DF3-ABBB-4262-B206-4C0F7B5B1E91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CD8A54E-185B-4D34-82EF-C0C05739EC12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"4FFC7F0D-1F32-4235-8359-277CE41382DF\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:*:update17:*:*:*:*:*:*\",\"versionEndIncluding\":\"1.7.0\",\"matchCriteriaId\":\"D80851A9-BF3D-44EB-897A-5E992B98DBE1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6152036D-6421-4AE4-9223-766FE07B5A44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*\",\"matchCriteriaId\":\"FE8B0935-6637-413D-B896-28E0ED7F2CEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*\",\"matchCriteriaId\":\"30B480BC-0886-4B19-B0A5-57B531077F40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FA1990D-BBC2-429C-872C-6150459516B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*\",\"matchCriteriaId\":\"8DC2887E-610B-42FE-9A96-1E2F01BF17A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*\",\"matchCriteriaId\":\"D375CECB-405C-4E18-A7E8-9C5A2F97BD69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*\",\"matchCriteriaId\":\"52EEEA5A-E77C-43CF-A063-9D5C64EA1870\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*\",\"matchCriteriaId\":\"003746F6-DEF0-4D0F-AD97-9E335868E301\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*\",\"matchCriteriaId\":\"CF830E0E-0169-4B6A-81FF-2E9FCD7D913B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BAE3670-0938-480A-8472-DFF0B3A0D0BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EC967FF-26A6-4498-BC09-EC23B2B75CBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*\",\"matchCriteriaId\":\"02781457-4E40-46A9-A5F7-945232A8C2B1\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0757.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.us-cert.gov/ncas/alerts/TA13-107A\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16471\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2013-0757.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.us-cert.gov/ncas/alerts/TA13-107A\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16471\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}" } }
rhsa-2013_0757
Vulnerability from csaf_redhat
Published
2013-04-18 18:18
Modified
2024-12-08 10:38
Summary
Red Hat Security Advisory: java-1.7.0-oracle security update
Notes
Topic
Updated java-1.7.0-oracle packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Oracle Java SE version 7 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.
This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2013-0401, CVE-2013-0402, CVE-2013-1488, CVE-2013-1491, CVE-2013-1518,
CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561,
CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,
CVE-2013-2394, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417,
CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422,
CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427,
CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432,
CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2436, CVE-2013-2438,
CVE-2013-2439, CVE-2013-2440)
All users of java-1.7.0-oracle are advised to upgrade to these updated
packages, which provide Oracle Java 7 Update 21 and resolve these issues.
All running instances of Oracle Java must be restarted for the update to
take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.7.0-oracle packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and\nthe Oracle Java Software Development Kit.\n\nThis update fixes several vulnerabilities in the Oracle Java Runtime\nEnvironment and the Oracle Java Software Development Kit. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section.\n(CVE-2013-0401, CVE-2013-0402, CVE-2013-1488, CVE-2013-1491, CVE-2013-1518,\nCVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561,\nCVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,\nCVE-2013-2394, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417,\nCVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422,\nCVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427,\nCVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432,\nCVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2436, CVE-2013-2438,\nCVE-2013-2439, CVE-2013-2440)\n\nAll users of java-1.7.0-oracle are advised to upgrade to these updated\npackages, which provide Oracle Java 7 Update 21 and resolve these issues.\nAll running instances of Oracle Java must be restarted for the update to\ntake effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0757", "url": "https://access.redhat.com/errata/RHSA-2013:0757" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" }, { "category": "external", "summary": "920245", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920245" }, { "category": "external", "summary": "920246", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920246" }, { "category": "external", "summary": "920247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920247" }, { "category": "external", "summary": "920248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920248" }, { "category": "external", "summary": "952387", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952387" }, { "category": "external", "summary": "952389", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952389" }, { "category": "external", "summary": "952398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952398" }, { "category": "external", "summary": "952509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952509" }, { "category": "external", "summary": "952521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952521" }, { "category": "external", "summary": "952524", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952524" }, { "category": "external", "summary": "952550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952550" }, { "category": "external", "summary": "952638", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952638" }, { "category": "external", "summary": "952640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952640" }, { "category": "external", "summary": "952642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952642" }, { "category": "external", "summary": "952645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952645" }, { "category": "external", "summary": "952646", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952646" }, { "category": "external", "summary": "952648", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952648" }, { "category": "external", "summary": "952649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952649" }, { "category": "external", "summary": "952653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952653" }, { "category": "external", "summary": "952656", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952656" }, { "category": "external", "summary": "952657", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952657" }, { "category": "external", "summary": "952708", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952708" }, { "category": "external", "summary": "952709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952709" }, { "category": "external", "summary": "952711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952711" }, { "category": "external", "summary": "953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "953166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953166" }, { "category": "external", "summary": "953172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953172" }, { "category": "external", "summary": "953265", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953265" }, { "category": "external", "summary": "953266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953266" }, { "category": "external", "summary": "953267", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953267" }, { "category": "external", "summary": "953268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953268" }, { "category": "external", "summary": "953269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953269" }, { "category": "external", "summary": "953270", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953270" }, { "category": "external", "summary": "953272", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953272" }, { "category": "external", "summary": "953273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953273" }, { "category": "external", "summary": "953274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953274" }, { "category": "external", "summary": "953275", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953275" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0757.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-oracle security update", "tracking": { "current_release_date": "2024-12-08T10:38:10+00:00", "generator": { "date": "2024-12-08T10:38:10+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2013:0757", "initial_release_date": "2013-04-18T18:18:00+00:00", "revision_history": [ { "date": "2013-04-18T18:18:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-11-13T11:10:43+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-08T10:38:10+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-0401", "discovery_date": "2013-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "920245" } ], "notes": [ { "category": "description", "text": "The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0401" }, { "category": "external", "summary": "RHBZ#920245", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920245" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0401", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0401" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0401", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0401" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305)" }, { "cve": "CVE-2013-0402", "discovery_date": "2013-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "920246" } ], "notes": [ { "category": "description", "text": "Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified JavaFX buffer overflow leading to JVM compromise (CanSecWest 2013, JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0402" }, { "category": "external", "summary": "RHBZ#920246", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920246" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0402", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0402" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0402", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0402" } ], "release_date": "2013-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified JavaFX buffer overflow leading to JVM compromise (CanSecWest 2013, JavaFX)" }, { "cve": "CVE-2013-1488", "discovery_date": "2013-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "920247" } ], "notes": [ { "category": "description", "text": "The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, \"improper toString calls,\" and the JDBC driver manager, as demonstrated by James Forshaw during a Pwn2Own competition at CanSecWest 2013.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1488" }, { "category": "external", "summary": "RHBZ#920247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1488", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1488" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1488", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1488" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)" }, { "cve": "CVE-2013-1491", "discovery_date": "2013-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "920248" } ], "notes": [ { "category": "description", "text": "The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via vectors related to 2D, as demonstrated by Joshua Drake during a Pwn2Own competition at CanSecWest 2013.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1491" }, { "category": "external", "summary": "RHBZ#920248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920248" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1491", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1491" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1491", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1491" } ], "release_date": "2013-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)" }, { "cve": "CVE-2013-1518", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952646" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"missing security restrictions.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JAXP missing security restrictions (JAXP, 6657673)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1518" }, { "category": "external", "summary": "RHBZ#952646", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952646" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1518", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1518" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1518", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1518" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: JAXP missing security restrictions (JAXP, 6657673)" }, { "cve": "CVE-2013-1537", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952387" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform \"dynamic class downloading\" and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: remote code loading enabled by default (RMI, 8001040)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1537" }, { "category": "external", "summary": "RHBZ#952387", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952387" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1537", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1537" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1537", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1537" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: remote code loading enabled by default (RMI, 8001040)" }, { "cve": "CVE-2013-1540", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953166" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2433.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1540" }, { "category": "external", "summary": "RHBZ#953166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953166" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1540", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1540" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)" }, { "cve": "CVE-2013-1557", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952648" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"missing security restrictions\" in the LogStream.setDefaultStream method.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1557" }, { "category": "external", "summary": "RHBZ#952648", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952648" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1557", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1557" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1557", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1557" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)" }, { "cve": "CVE-2013-1558", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952640" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1558" }, { "category": "external", "summary": "RHBZ#952640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952640" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1558", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1558" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1558", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1558" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)" }, { "cve": "CVE-2013-1561", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1561" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1561", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1561" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-1563", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953172" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1563" }, { "category": "external", "summary": "RHBZ#953172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953172" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1563", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1563" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1563", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1563" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)" }, { "cve": "CVE-2013-1564", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1564" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1564", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1564" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1564", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1564" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-1569", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952711" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"checking of [a] glyph table\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1569" }, { "category": "external", "summary": "RHBZ#952711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952711" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1569", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1569" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1569", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1569" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994)" }, { "cve": "CVE-2013-2383", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952708" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"handling of [a] glyph table\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2383" }, { "category": "external", "summary": "RHBZ#952708", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952708" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2383", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2383" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2383", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2383" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986)" }, { "cve": "CVE-2013-2384", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952709" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"font layout\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2384" }, { "category": "external", "summary": "RHBZ#952709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952709" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2384", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2384" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)" }, { "cve": "CVE-2013-2394", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953265" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CVE-2013-1491.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2394" }, { "category": "external", "summary": "RHBZ#953265", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953265" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2394", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2394" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2394", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2394" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)" }, { "cve": "CVE-2013-2414", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2427, and CVE-2013-2428.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2414" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2414", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2414" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2414", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2414" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-2415", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952389" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"processing of MTOM attachments\" and the creation of temporary files with weak permissions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2415" }, { "category": "external", "summary": "RHBZ#952389", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952389" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2415", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2415" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2415", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2415" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)" }, { "cve": "CVE-2013-2416", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953266" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2416" }, { "category": "external", "summary": "RHBZ#953266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953266" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2416", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2416" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2416", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2416" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 (Deployment)" }, { "cve": "CVE-2013-2417", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952657" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated the apparent discrepancy between vendor reports regarding the impact of this issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2417" }, { "category": "external", "summary": "RHBZ#952657", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952657" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2417", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2417" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2417", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2417" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)" }, { "cve": "CVE-2013-2418", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953267" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2418" }, { "category": "external", "summary": "RHBZ#953267", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953267" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2418", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2418" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2418", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2418" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)" }, { "cve": "CVE-2013-2419", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952656" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"font processing errors\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine font processing errors (JDK 2D, 8001031)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2419" }, { "category": "external", "summary": "RHBZ#952656", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952656" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2419", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2419" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2419", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2419" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ICU: Layout Engine font processing errors (JDK 2D, 8001031)" }, { "cve": "CVE-2013-2420", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952638" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient \"validation of images\" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: image processing vulnerability (2D, 8007617)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2420" }, { "category": "external", "summary": "RHBZ#952638", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952638" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2420", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2420" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2420", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2420" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: image processing vulnerability (2D, 8007617)" }, { "cve": "CVE-2013-2421", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952649" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2421" }, { "category": "external", "summary": "RHBZ#952649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952649" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2421", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2421" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2421", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2421" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)" }, { "cve": "CVE-2013-2422", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952642" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2422" }, { "category": "external", "summary": "RHBZ#952642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952642" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2422", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2422" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2422", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2422" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)" }, { "cve": "CVE-2013-2423", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952398" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from the original researcher that this vulnerability allows remote attackers to bypass permission checks by the MethodHandles method and modify arbitrary public final fields using reflection and type confusion, as demonstrated using integer and double fields to disable the security manager.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2423" }, { "category": "external", "summary": "RHBZ#952398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952398" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2423", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2423" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2423", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2423" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-05-25T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)" }, { "cve": "CVE-2013-2424", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952509" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"insufficient class access checks\" when \"creating new instances\" using MBeanInstantiator.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2424" }, { "category": "external", "summary": "RHBZ#952509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952509" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2424", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2424" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2424", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2424" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)" }, { "cve": "CVE-2013-2425", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953268" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 (Install)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2425" }, { "category": "external", "summary": "RHBZ#953268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953268" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2425", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2425" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2425", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2425" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 (Install)" }, { "cve": "CVE-2013-2426", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952653" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect invocation of the defaultReadObject method in the ConcurrentHashMap class, which allows remote attackers to bypass the Java sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2426" }, { "category": "external", "summary": "RHBZ#952653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952653" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2426", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2426" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2426", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2426" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)" }, { "cve": "CVE-2013-2427", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2428.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2427" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2427", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2427" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2427", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2427" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-2428", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2427.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2428" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2428", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2428" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-2429", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952521" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"JPEGImageWriter state corruption\" when using native code, which triggers memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2429" }, { "category": "external", "summary": "RHBZ#952521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952521" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2429", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2429" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2429", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2429" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)" }, { "cve": "CVE-2013-2430", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952524" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"JPEGImageReader state corruption\" when using native code.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2430" }, { "category": "external", "summary": "RHBZ#952524", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952524" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2430", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2430" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2430", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2430" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)" }, { "cve": "CVE-2013-2431", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952645" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using \"method handle intrinsic frames.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2431" }, { "category": "external", "summary": "RHBZ#952645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952645" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2431", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2431" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)" }, { "cve": "CVE-2013-2432", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953269" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2432" }, { "category": "external", "summary": "RHBZ#953269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953269" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2432", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2432" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2432", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2432" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)" }, { "cve": "CVE-2013-2433", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953270" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2433" }, { "category": "external", "summary": "RHBZ#953270", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953270" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2433", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2433" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2433", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2433" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)" }, { "cve": "CVE-2013-2434", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953272" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2434" }, { "category": "external", "summary": "RHBZ#953272", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953272" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2434", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2434" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2434", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2434" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 (2D)" }, { "cve": "CVE-2013-2435", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953273" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2440.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2435" }, { "category": "external", "summary": "RHBZ#953273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953273" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2435", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2435" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2435", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2435" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)" }, { "cve": "CVE-2013-2436", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952550" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect \"type checks\" and \"method handle binding\" involving Wrapper.convert.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2436" }, { "category": "external", "summary": "RHBZ#952550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952550" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2436", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2436" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2436", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2436" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)" }, { "cve": "CVE-2013-2438", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2438" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2438", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2438" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2438", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2438" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-2439", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953274" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2439" }, { "category": "external", "summary": "RHBZ#953274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953274" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2439", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2439" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2439", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2439" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)" }, { "cve": "CVE-2013-2440", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953275" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2440" }, { "category": "external", "summary": "RHBZ#953275", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953275" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2440", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2440" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2440", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2440" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)" } ] }
ghsa-r2cx-28wv-46g2
Vulnerability from github
Published
2022-05-17 00:55
Modified
2022-05-17 00:55
Details
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.
{ "affected": [], "aliases": [ "CVE-2013-2425" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2013-04-17T18:55:00Z", "severity": "HIGH" }, "details": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.", "id": "GHSA-r2cx-28wv-46g2", "modified": "2022-05-17T00:55:30Z", "published": "2022-05-17T00:55:30Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2425" }, { "type": "WEB", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16471" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" }, { "type": "WEB", "url": "http://www.us-cert.gov/ncas/alerts/TA13-107A" } ], "schema_version": "1.4.0", "severity": [] }
gsd-2013-2425
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2013-2425", "description": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.", "id": "GSD-2013-2425", "references": [ "https://www.suse.com/security/cve/CVE-2013-2425.html", "https://access.redhat.com/errata/RHSA-2013:0757" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2013-2425" ], "details": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.", "id": "GSD-2013-2425", "modified": "2023-12-13T01:22:17.792568Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2013-2425", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "oval:org.mitre.oval:def:16471", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16471" }, { "name": "TA13-107A", "refsource": "CERT", "url": "http://www.us-cert.gov/ncas/alerts/TA13-107A" }, { "name": "RHSA-2013:0757", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:*:update17:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:*:update17:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2013-2425" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" }, { "name": "RHSA-2013:0757", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html" }, { "name": "TA13-107A", "refsource": "CERT", "tags": [ "US Government Resource" ], "url": "http://www.us-cert.gov/ncas/alerts/TA13-107A" }, { "name": "oval:org.mitre.oval:def:16471", "refsource": "OVAL", "tags": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16471" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false } }, "lastModifiedDate": "2017-09-19T01:36Z", "publishedDate": "2013-04-17T18:55Z" } } }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.