fkie_cve-2013-2434
Vulnerability from fkie_nvd
Published
2013-04-17 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jre | * | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | javafx | * | |
| oracle | javafx | 2.0 | |
| oracle | javafx | 2.0.2 | |
| oracle | javafx | 2.0.3 | |
| oracle | javafx | 2.1 | |
| oracle | javafx | 2.2 | |
| oracle | javafx | 2.2.3 | |
| oracle | javafx | 2.2.4 | |
| oracle | javafx | 2.2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update17:*:*:*:*:*:*",
"matchCriteriaId": "9CBAECF5-3BFA-425A-A43F-8AEC3489A70F",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update17:*:*:*:*:*:*",
"matchCriteriaId": "D80851A9-BF3D-44EB-897A-5E992B98DBE1",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:javafx:*:*:*:*:*:*:*:*",
"matchCriteriaId": "42C5A003-20C4-48E9-96B3-6C4A0C29E6F2",
"versionEndIncluding": "2.2.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "64BDB79F-96E0-43A4-81CD-BADF0B039006",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EC0E861D-AEBC-46EF-8CA6-CF7DE2518DB6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "EB4477BB-9B0A-4874-9A5B-1B6193DC94E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BBA3A1CE-1531-426A-A600-4DD6FB63D01A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1E2179A9-513A-46AA-BC4D-ED988B38650F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F37311B5-5404-435B-BBB6-76DA3EA19730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55CB5B80-C778-456D-8871-CA79DED61078",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:javafx:2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "00472766-CED3-42FD-AD93-811EDBC45790",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el entorno de ejecuci\u00f3n de Java (JRE) en el componente Oracle Java SE v7 Update v17 y anteriores y JavaFX v2.2.7 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con 2D."
}
],
"id": "CVE-2013-2434",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-04-17T18:55:07.370",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16201"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19462"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19462"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…