rhsa-2013_0757
Vulnerability from csaf_redhat
Published
2013-04-18 18:18
Modified
2024-12-08 10:38
Summary
Red Hat Security Advisory: java-1.7.0-oracle security update
Notes
Topic
Updated java-1.7.0-oracle packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Oracle Java SE version 7 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.
This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2013-0401, CVE-2013-0402, CVE-2013-1488, CVE-2013-1491, CVE-2013-1518,
CVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561,
CVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,
CVE-2013-2394, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417,
CVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422,
CVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427,
CVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432,
CVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2436, CVE-2013-2438,
CVE-2013-2439, CVE-2013-2440)
All users of java-1.7.0-oracle are advised to upgrade to these updated
packages, which provide Oracle Java 7 Update 21 and resolve these issues.
All running instances of Oracle Java must be restarted for the update to
take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.7.0-oracle packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and\nthe Oracle Java Software Development Kit.\n\nThis update fixes several vulnerabilities in the Oracle Java Runtime\nEnvironment and the Oracle Java Software Development Kit. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section.\n(CVE-2013-0401, CVE-2013-0402, CVE-2013-1488, CVE-2013-1491, CVE-2013-1518,\nCVE-2013-1537, CVE-2013-1540, CVE-2013-1557, CVE-2013-1558, CVE-2013-1561,\nCVE-2013-1563, CVE-2013-1564, CVE-2013-1569, CVE-2013-2383, CVE-2013-2384,\nCVE-2013-2394, CVE-2013-2414, CVE-2013-2415, CVE-2013-2416, CVE-2013-2417,\nCVE-2013-2418, CVE-2013-2419, CVE-2013-2420, CVE-2013-2421, CVE-2013-2422,\nCVE-2013-2423, CVE-2013-2424, CVE-2013-2425, CVE-2013-2426, CVE-2013-2427,\nCVE-2013-2428, CVE-2013-2429, CVE-2013-2430, CVE-2013-2431, CVE-2013-2432,\nCVE-2013-2433, CVE-2013-2434, CVE-2013-2435, CVE-2013-2436, CVE-2013-2438,\nCVE-2013-2439, CVE-2013-2440)\n\nAll users of java-1.7.0-oracle are advised to upgrade to these updated\npackages, which provide Oracle Java 7 Update 21 and resolve these issues.\nAll running instances of Oracle Java must be restarted for the update to\ntake effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2013:0757", "url": "https://access.redhat.com/errata/RHSA-2013:0757" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" }, { "category": "external", "summary": "920245", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920245" }, { "category": "external", "summary": "920246", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920246" }, { "category": "external", "summary": "920247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920247" }, { "category": "external", "summary": "920248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920248" }, { "category": "external", "summary": "952387", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952387" }, { "category": "external", "summary": "952389", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952389" }, { "category": "external", "summary": "952398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952398" }, { "category": "external", "summary": "952509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952509" }, { "category": "external", "summary": "952521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952521" }, { "category": "external", "summary": "952524", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952524" }, { "category": "external", "summary": "952550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952550" }, { "category": "external", "summary": "952638", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952638" }, { "category": "external", "summary": "952640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952640" }, { "category": "external", "summary": "952642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952642" }, { "category": "external", "summary": "952645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952645" }, { "category": "external", "summary": "952646", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952646" }, { "category": "external", "summary": "952648", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952648" }, { "category": "external", "summary": "952649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952649" }, { "category": "external", "summary": "952653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952653" }, { "category": "external", "summary": "952656", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952656" }, { "category": "external", "summary": "952657", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952657" }, { "category": "external", "summary": "952708", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952708" }, { "category": "external", "summary": "952709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952709" }, { "category": "external", "summary": "952711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952711" }, { "category": "external", "summary": "953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "953166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953166" }, { "category": "external", "summary": "953172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953172" }, { "category": "external", "summary": "953265", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953265" }, { "category": "external", "summary": "953266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953266" }, { "category": "external", "summary": "953267", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953267" }, { "category": "external", "summary": "953268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953268" }, { "category": "external", "summary": "953269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953269" }, { "category": "external", "summary": "953270", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953270" }, { "category": "external", "summary": "953272", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953272" }, { "category": "external", "summary": "953273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953273" }, { "category": "external", "summary": "953274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953274" }, { "category": "external", "summary": "953275", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953275" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_0757.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-oracle security update", "tracking": { "current_release_date": "2024-12-08T10:38:10+00:00", "generator": { "date": "2024-12-08T10:38:10+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2013:0757", "initial_release_date": "2013-04-18T18:18:00+00:00", "revision_history": [ { "date": "2013-04-18T18:18:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2013-11-13T11:10:43+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-08T10:38:10+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "product": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "product_id": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.21-1jpp.1.el5?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "product": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "product_id": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.21-1jpp.1.el5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "product": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "product_id": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.21-1jpp.1.el6?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "product": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "product_id": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.21-1jpp.1.el6?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.9.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.4.z" } ] }, "vulnerabilities": [ { "cve": "CVE-2013-0401", "discovery_date": "2013-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "920245" } ], "notes": [ { "category": "description", "text": "The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0401" }, { "category": "external", "summary": "RHBZ#920245", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920245" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0401", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0401" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0401", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0401" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: sun.awt.datatransfer.ClassLoaderObjectInputStream class may incorrectly invoke the system class loader (CanSecWest 2013, AWT, 8009305)" }, { "cve": "CVE-2013-0402", "discovery_date": "2013-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "920246" } ], "notes": [ { "category": "description", "text": "Heap-based buffer overflow in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via unspecified vectors related to JavaFX, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified JavaFX buffer overflow leading to JVM compromise (CanSecWest 2013, JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-0402" }, { "category": "external", "summary": "RHBZ#920246", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920246" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-0402", "url": "https://www.cve.org/CVERecord?id=CVE-2013-0402" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-0402", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0402" } ], "release_date": "2013-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified JavaFX buffer overflow leading to JVM compromise (CanSecWest 2013, JavaFX)" }, { "cve": "CVE-2013-1488", "discovery_date": "2013-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "920247" } ], "notes": [ { "category": "description", "text": "The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, \"improper toString calls,\" and the JDBC driver manager, as demonstrated by James Forshaw during a Pwn2Own competition at CanSecWest 2013.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1488" }, { "category": "external", "summary": "RHBZ#920247", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920247" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1488", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1488" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1488", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1488" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: JDBC driver manager improper toString calls (CanSecWest 2013, Libraries, 8009814)" }, { "cve": "CVE-2013-1491", "discovery_date": "2013-03-08T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "920248" } ], "notes": [ { "category": "description", "text": "The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to execute arbitrary code via vectors related to 2D, as demonstrated by Joshua Drake during a Pwn2Own competition at CanSecWest 2013.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1491" }, { "category": "external", "summary": "RHBZ#920248", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920248" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1491", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1491" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1491", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1491" } ], "release_date": "2013-03-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified sanbox bypass (CanSecWest 2013, 2D)" }, { "cve": "CVE-2013-1518", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952646" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"missing security restrictions.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JAXP missing security restrictions (JAXP, 6657673)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1518" }, { "category": "external", "summary": "RHBZ#952646", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952646" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1518", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1518" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1518", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1518" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: JAXP missing security restrictions (JAXP, 6657673)" }, { "cve": "CVE-2013-1537", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952387" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform \"dynamic class downloading\" and execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: remote code loading enabled by default (RMI, 8001040)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1537" }, { "category": "external", "summary": "RHBZ#952387", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952387" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1537", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1537" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1537", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1537" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: remote code loading enabled by default (RMI, 8001040)" }, { "cve": "CVE-2013-1540", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953166" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2433.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1540" }, { "category": "external", "summary": "RHBZ#953166", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953166" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1540", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1540" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1540", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1540" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)" }, { "cve": "CVE-2013-1557", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952648" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"missing security restrictions\" in the LogStream.setDefaultStream method.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1557" }, { "category": "external", "summary": "RHBZ#952648", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952648" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1557", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1557" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1557", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1557" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: LogStream.setDefaultStream() missing security restrictions (RMI, 8001329)" }, { "cve": "CVE-2013-1558", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952640" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Beans.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1558" }, { "category": "external", "summary": "RHBZ#952640", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952640" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1558", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1558" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1558", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1558" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: java.beans.ThreadGroupContext missing restrictions (Beans, 7200507)" }, { "cve": "CVE-2013-1561", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1561" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1561", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1561" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1561", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1561" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-1563", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953172" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1563" }, { "category": "external", "summary": "RHBZ#953172", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953172" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1563", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1563" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1563", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1563" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)" }, { "cve": "CVE-2013-1564", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1564" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1564", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1564" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1564", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1564" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-1569", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952711" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"checking of [a] glyph table\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-1569" }, { "category": "external", "summary": "RHBZ#952711", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952711" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-1569", "url": "https://www.cve.org/CVERecord?id=CVE-2013-1569" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-1569", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1569" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004994)" }, { "cve": "CVE-2013-2383", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952708" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"handling of [a] glyph table\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2383" }, { "category": "external", "summary": "RHBZ#952708", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952708" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2383", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2383" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2383", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2383" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004986)" }, { "cve": "CVE-2013-2384", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952709" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"font layout\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2384" }, { "category": "external", "summary": "RHBZ#952709", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952709" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2384", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2384" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2384", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2384" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: Layout Engine font layout and glyph table errors (JDK 2D, 8004987)" }, { "cve": "CVE-2013-2394", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953265" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CVE-2013-1491.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2394" }, { "category": "external", "summary": "RHBZ#953265", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953265" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2394", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2394" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2394", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2394" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)" }, { "cve": "CVE-2013-2414", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2427, and CVE-2013-2428.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2414" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2414", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2414" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2414", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2414" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-2415", "cwe": { "id": "CWE-732", "name": "Incorrect Permission Assignment for Critical Resource" }, "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952389" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows local users to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"processing of MTOM attachments\" and the creation of temporary files with weak permissions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2415" }, { "category": "external", "summary": "RHBZ#952389", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952389" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2415", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2415" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2415", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2415" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 1.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: temporary files created with insecure permissions (JAX-WS, 8003542)" }, { "cve": "CVE-2013-2416", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953266" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2416" }, { "category": "external", "summary": "RHBZ#953266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953266" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2416", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2416" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2416", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2416" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 (Deployment)" }, { "cve": "CVE-2013-2417", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952657" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to Networking. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to an information leak involving InetAddress serialization. CVE has not investigated the apparent discrepancy between vendor reports regarding the impact of this issue.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2417" }, { "category": "external", "summary": "RHBZ#952657", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952657" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2417", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2417" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2417", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2417" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: Network InetAddress serialization information disclosure (Networking, 8000724)" }, { "cve": "CVE-2013-2418", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953267" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2418" }, { "category": "external", "summary": "RHBZ#953267", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953267" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2418", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2418" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2418", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2418" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)" }, { "cve": "CVE-2013-2419", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952656" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"font processing errors\" in the International Components for Unicode (ICU) Layout Engine before 51.2.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine font processing errors (JDK 2D, 8001031)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2419" }, { "category": "external", "summary": "RHBZ#952656", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952656" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2419", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2419" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2419", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2419" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "ICU: Layout Engine font processing errors (JDK 2D, 8001031)" }, { "cve": "CVE-2013-2420", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952638" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to insufficient \"validation of images\" in share/native/sun/awt/image/awt_ImageRep.c, possibly involving offsets.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: image processing vulnerability (2D, 8007617)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2420" }, { "category": "external", "summary": "RHBZ#952638", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952638" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2420", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2420" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2420", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2420" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: image processing vulnerability (2D, 8007617)" }, { "cve": "CVE-2013-2421", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952649" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect MethodHandle lookups, which allows remote attackers to bypass Java sandbox restrictions.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2421" }, { "category": "external", "summary": "RHBZ#952649", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952649" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2421", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2421" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2421", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2421" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)" }, { "cve": "CVE-2013-2422", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952642" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2422" }, { "category": "external", "summary": "RHBZ#952642", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952642" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2422", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2422" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2422", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2422" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: MethodUtil trampoline class incorrect restrictions (Libraries, 8009857)" }, { "cve": "CVE-2013-2423", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952398" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from the original researcher that this vulnerability allows remote attackers to bypass permission checks by the MethodHandles method and modify arbitrary public final fields using reflection and type confusion, as demonstrated using integer and double fields to disable the security manager.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2423" }, { "category": "external", "summary": "RHBZ#952398", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952398" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2423", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2423" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2423", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2423" }, { "category": "external", "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog", "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "exploit_status", "date": "2022-05-25T00:00:00+00:00", "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog" }, { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)" }, { "cve": "CVE-2013-2424", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952509" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"insufficient class access checks\" when \"creating new instances\" using MBeanInstantiator.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2424" }, { "category": "external", "summary": "RHBZ#952509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952509" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2424", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2424" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2424", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2424" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: MBeanInstantiator insufficient class access checks (JMX, 8006435)" }, { "cve": "CVE-2013-2425", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953268" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 (Install)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2425" }, { "category": "external", "summary": "RHBZ#953268", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953268" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2425", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2425" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2425", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2425" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 (Install)" }, { "cve": "CVE-2013-2426", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952653" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect invocation of the defaultReadObject method in the ConcurrentHashMap class, which allows remote attackers to bypass the Java sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2426" }, { "category": "external", "summary": "RHBZ#952653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952653" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2426", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2426" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2426", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2426" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: ConcurrentHashMap incorrectly calls defaultReadObject() method (Libraries, 8009063)" }, { "cve": "CVE-2013-2427", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2428.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2427" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2427", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2427" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2427", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2427" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-2428", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2427.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2428" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2428", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2428" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-2429", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952521" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"JPEGImageWriter state corruption\" when using native code, which triggers memory corruption.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2429" }, { "category": "external", "summary": "RHBZ#952521", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952521" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2429", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2429" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2429", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2429" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: JPEGImageWriter state corruption (ImageIO, 8007918)" }, { "cve": "CVE-2013-2430", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952524" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"JPEGImageReader state corruption\" when using native code.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2430" }, { "category": "external", "summary": "RHBZ#952524", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952524" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2430", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2430" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2430", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2430" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: JPEGImageReader state corruption (ImageIO, 8007667)" }, { "cve": "CVE-2013-2431", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952645" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using \"method handle intrinsic frames.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2431" }, { "category": "external", "summary": "RHBZ#952645", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952645" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2431", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2431" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2431", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2431" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Hotspot intrinsic frames vulnerability (Hotspot, 8004336)" }, { "cve": "CVE-2013-2432", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953269" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2432" }, { "category": "external", "summary": "RHBZ#953269", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953269" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2432", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2432" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2432", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2432" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (2D)" }, { "cve": "CVE-2013-2433", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953270" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2433" }, { "category": "external", "summary": "RHBZ#953270", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953270" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2433", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2433" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2433", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2433" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)" }, { "cve": "CVE-2013-2434", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953272" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2434" }, { "category": "external", "summary": "RHBZ#953272", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953272" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2434", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2434" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2434", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2434" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 (2D)" }, { "cve": "CVE-2013-2435", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953273" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2440.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2435" }, { "category": "external", "summary": "RHBZ#953273", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953273" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2435", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2435" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2435", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2435" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)" }, { "cve": "CVE-2013-2436", "discovery_date": "2013-04-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "952550" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect \"type checks\" and \"method handle binding\" involving Wrapper.convert.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2436" }, { "category": "external", "summary": "RHBZ#952550", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=952550" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2436", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2436" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2436", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2436" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: Wrapper.convert insufficient type checks (Libraries, 8009049)" }, { "cve": "CVE-2013-2438", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953135" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2438" }, { "category": "external", "summary": "RHBZ#953135", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953135" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2438", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2438" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2438", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2438" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)" }, { "cve": "CVE-2013-2439", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953274" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2439" }, { "category": "external", "summary": "RHBZ#953274", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953274" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2439", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2439" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2439", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2439" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)" }, { "cve": "CVE-2013-2440", "discovery_date": "2013-04-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "953275" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-2440" }, { "category": "external", "summary": "RHBZ#953275", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=953275" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-2440", "url": "https://www.cve.org/CVERecord?id=CVE-2013-2440" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-2440", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2440" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html", "url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html" } ], "release_date": "2013-04-16T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2013-04-18T18:18:00+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258", "product_ids": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2013:0757" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5.x86_64", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.i386", "5Server-Supplementary-5.9.Z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Client-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6ComputeNode-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Server-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6.x86_64", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.i686", "6Workstation-Supplementary-6.4.z:java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Deployment)" } ] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.