var-201302-0232
Vulnerability from variot

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process of the client. Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. (DoS) An attack may be carried out. Oracle Java SE is prone to a remote security vulnerability in Java Runtime Environment. This issue affects the 'Install' sub-component. This vulnerability affects the following supported versions: 7 Update 11 and prior, 6 Update 38 and prior Note: This issue was previously discussed in BID 57670 (Oracle Java Runtime Environment Multiple Security Vulnerabilities) but has been given its own record to better document it. ============================================================================ Ubuntu Security Notice USN-1724-1 February 14, 2013

openjdk-6, openjdk-7 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 12.10
  • Ubuntu 12.04 LTS
  • Ubuntu 11.10
  • Ubuntu 10.04 LTS

Summary:

Several security issues were fixed in OpenJDK.

Software Description: - openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation

Details:

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. (CVE-2012-1541, CVE-2012-3342, CVE-2013-0351, CVE-2013-0419, CVE-2013-0423, CVE-2013-0446, CVE-2012-3213, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0441, CVE-2013-0442, CVE-2013-0445, CVE-2013-0450, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480)

Vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. (CVE-2013-0409, CVE-2013-0434, CVE-2013-0438)

Several data integrity vulnerabilities were discovered in the OpenJDK JRE. (CVE-2013-0424, CVE-2013-0427, CVE-2013-0433, CVE-2013-1473)

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. (CVE-2013-0432, CVE-2013-0435, CVE-2013-0443)

A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2013-0440)

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service. (CVE-2013-0444)

A data integrity vulnerability was discovered in the OpenJDK JRE. (CVE-2013-0448)

An information disclosure vulnerability was discovered in the OpenJDK JRE. (CVE-2013-0449)

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service. (CVE-2013-1481)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.10: icedtea-7-jre-jamvm 7u13-2.3.6-0ubuntu0.12.10.1 openjdk-7-jre 7u13-2.3.6-0ubuntu0.12.10.1 openjdk-7-jre-headless 7u13-2.3.6-0ubuntu0.12.10.1 openjdk-7-jre-lib 7u13-2.3.6-0ubuntu0.12.10.1 openjdk-7-jre-zero 7u13-2.3.6-0ubuntu0.12.10.1

Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b27-1.12.1-2ubuntu0.12.04.2 icedtea-6-jre-jamvm 6b27-1.12.1-2ubuntu0.12.04.2 openjdk-6-jre 6b27-1.12.1-2ubuntu0.12.04.2 openjdk-6-jre-headless 6b27-1.12.1-2ubuntu0.12.04.2 openjdk-6-jre-lib 6b27-1.12.1-2ubuntu0.12.04.2 openjdk-6-jre-zero 6b27-1.12.1-2ubuntu0.12.04.2

Ubuntu 11.10: icedtea-6-jre-cacao 6b27-1.12.1-2ubuntu0.11.10.2 icedtea-6-jre-jamvm 6b27-1.12.1-2ubuntu0.11.10.2 openjdk-6-jre 6b27-1.12.1-2ubuntu0.11.10.2 openjdk-6-jre-headless 6b27-1.12.1-2ubuntu0.11.10.2 openjdk-6-jre-lib 6b27-1.12.1-2ubuntu0.11.10.2 openjdk-6-jre-zero 6b27-1.12.1-2ubuntu0.11.10.2

Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b27-1.12.1-2ubuntu0.10.04.2 openjdk-6-jre 6b27-1.12.1-2ubuntu0.10.04.2 openjdk-6-jre-headless 6b27-1.12.1-2ubuntu0.10.04.2 openjdk-6-jre-lib 6b27-1.12.1-2ubuntu0.10.04.2 openjdk-6-jre-zero 6b27-1.12.1-2ubuntu0.10.04.2

This update uses a new upstream release which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30


                                        http://security.gentoo.org/

Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30


Synopsis

Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact.

Affected packages

-------------------------------------------------------------------
 Package              /     Vulnerable     /            Unaffected
-------------------------------------------------------------------

1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages

Description

Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details.

Workaround

There is no known workaround at this time.

Resolution

All Oracle JDK 1.7 users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51"

All Oracle JRE 1.7 users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51"

All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version:

# emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51"

All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea.

References

[ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201401-30.xml

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5 .

Release Date: 2013-04-29 Last Updated: 2013-04-29

Potential Security Impact: Java Runtime Environment (JRE) security update

Source: Hewlett-Packard Company, HP Software Security Response Team

VULNERABILITY SUMMARY Several potential security vulnerabilities have been identified with HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX.

References: CVE-2013-1487, CVE-2013-1486, CVE-2013-1484,CVE-2013-1485,CVE-2013-0169, CVE-2013-0437, CVE-2013-1478, CVE-2013-0442, CVE-2013-0445, CVE-2013-1480, CVE-2013-0441, CVE-2013-1475, CVE-2013-1476, CVE-2012-1541, CVE-2013-0446, CVE-2012-3342, CVE-2013-0450, CVE-2013-1479, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2012-3213, CVE-2013-1481, CVE-2013-0436, CVE-2013-0439, CVE-2013-0447, CVE-2013-1472, CVE-2012-4301, CVE-2013-1477, CVE-2013-1482, CVE-2013-1483, CVE-2013-1474, CVE-2012-4305, CVE-2013-0444, CVE-2013-0429, CVE-2013-0419, CVE-2013-0423, CVE-2012-1543, CVE-2013-0351, CVE-2013-0430, CVE-2013-0432, CVE-2013-0449, CVE-2013-1473, CVE-2013-0435, CVE-2013-0434, CVE-2013-0409, CVE-2013-0431, CVE-2013-0427, CVE-2013-0448, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440, CVE-2013-0438, CVE-2013-0443, CVE-2013-1489

SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP Service Manager for Windows, Linux, HP-UX, Solaris and AIX v 9.30, v9.31

BACKGROUND

CVSS 2.0 Base Metrics

Reference Base Vector Base Score CVE-2012-1541 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-1543 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2012-3213 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3342 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-4301 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-4305 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-0169 (AV:N/AC:H/Au:N/C:P/I:N/A:N) 2.6 CVE-2013-0351 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-0409 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0419 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0423 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0424 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0425 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0426 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0427 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0428 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0430 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2013-0431 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-0433 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0434 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0435 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0436 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0437 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0438 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-0439 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0440 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-0441 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0442 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0443 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0 CVE-2013-0444 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0445 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0446 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0447 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0448 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0449 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0450 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1472 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1473 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-1474 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 CVE-2013-1475 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1476 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1477 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1478 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1479 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1480 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1481 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1482 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1483 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1484 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1485 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-1486 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1487 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1489 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002

RESOLUTION

HP has provided an update for Service Manager that updates the JRE to the latest version, thus eliminating known JRE7-related security vulnerabilities. Download and install the updates from The HP Software Support Online (SSO).

SM 9.31P2 Server Windows Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00423

HP Itanium Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00420

Linux Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00421

Solaris Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00422

AIX Server 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00419

SM 9.31P2 Web Tier Web Tier 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00424

SM 9.31P2 Windows Client Windows Client 9.31.2004 p2 http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00425

SM 9.31P2 Knowledge Management SM 9.31P2 Knowledge Management http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00426

HISTORY Version:1 (rev.1) - 29 April 2013 Initial release

Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.

Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com

Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430

Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/

Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX

Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

===================================================================== Red Hat Security Advisory

Synopsis: Critical: java-1.6.0-sun security update Advisory ID: RHSA-2013:0236-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0236.html Issue date: 2013-02-04 CVE Names: CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 =====================================================================

  1. Summary:

Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

  1. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64

  1. (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481)

All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 39. All running instances of Oracle Java must be restarted for the update to take effect.

  1. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

  1. Bugs fixed (http://bugzilla.redhat.com/):

859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393) 860652 - CVE-2013-1475 OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50) 906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318) 906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068) 906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972) 906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977) 906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057) 906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325) 906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537) 906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906930 - CVE-2013-0430 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Install) 906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29) 907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952) 907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting) 907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound) 907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX) 907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392) 907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509) 907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528) 907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235) 907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941) 907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071) 907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631) 907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066) 907460 - CVE-2013-0429 OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694)

  1. Package List:

Red Hat Enterprise Linux Desktop Supplementary (v. 5):

i386: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm

x86_64: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 5):

i386: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm

x86_64: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm

Red Hat Enterprise Linux Desktop Supplementary (v. 6):

i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm

x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm

Red Hat Enterprise Linux HPC Node Supplementary (v. 6):

x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm

Red Hat Enterprise Linux Server Supplementary (v. 6):

i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm

x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm

Red Hat Enterprise Linux Workstation Supplementary (v. 6):

i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm

x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

  1. References:

https://www.redhat.com/security/data/cve/CVE-2012-1541.html https://www.redhat.com/security/data/cve/CVE-2012-3213.html https://www.redhat.com/security/data/cve/CVE-2012-3342.html https://www.redhat.com/security/data/cve/CVE-2013-0351.html https://www.redhat.com/security/data/cve/CVE-2013-0409.html https://www.redhat.com/security/data/cve/CVE-2013-0419.html https://www.redhat.com/security/data/cve/CVE-2013-0423.html https://www.redhat.com/security/data/cve/CVE-2013-0424.html https://www.redhat.com/security/data/cve/CVE-2013-0425.html https://www.redhat.com/security/data/cve/CVE-2013-0426.html https://www.redhat.com/security/data/cve/CVE-2013-0427.html https://www.redhat.com/security/data/cve/CVE-2013-0428.html https://www.redhat.com/security/data/cve/CVE-2013-0429.html https://www.redhat.com/security/data/cve/CVE-2013-0430.html https://www.redhat.com/security/data/cve/CVE-2013-0432.html https://www.redhat.com/security/data/cve/CVE-2013-0433.html https://www.redhat.com/security/data/cve/CVE-2013-0434.html https://www.redhat.com/security/data/cve/CVE-2013-0435.html https://www.redhat.com/security/data/cve/CVE-2013-0438.html https://www.redhat.com/security/data/cve/CVE-2013-0440.html https://www.redhat.com/security/data/cve/CVE-2013-0441.html https://www.redhat.com/security/data/cve/CVE-2013-0442.html https://www.redhat.com/security/data/cve/CVE-2013-0443.html https://www.redhat.com/security/data/cve/CVE-2013-0445.html https://www.redhat.com/security/data/cve/CVE-2013-0446.html https://www.redhat.com/security/data/cve/CVE-2013-0450.html https://www.redhat.com/security/data/cve/CVE-2013-1473.html https://www.redhat.com/security/data/cve/CVE-2013-1475.html https://www.redhat.com/security/data/cve/CVE-2013-1476.html https://www.redhat.com/security/data/cve/CVE-2013-1478.html https://www.redhat.com/security/data/cve/CVE-2013-1480.html https://www.redhat.com/security/data/cve/CVE-2013-1481.html https://access.redhat.com/security/updates/classification/#critical http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFREE7WXlSAg2UNWIIRAuWTAJ4g2iIk0XnUEpbIXz6nDgDjaHxz7ACbBcjy gqkoqFew2BZDYA/n817qYO8= =m5pJ -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ----------------------------------------------------------------------

The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/


TITLE: Oracle Java Multiple Vulnerabilities

SECUNIA ADVISORY ID: SA52064

VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52064/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52064

RELEASE DATE: 2013-02-02

DISCUSS ADVISORY: http://secunia.com/advisories/52064/#comments

AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)

http://secunia.com/advisories/52064/

ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS

https://ca.secunia.com/?page=viewadvisory&vuln_id=52064

ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING

http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/

DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Java, which can be exploited by malicious local users to gain escalated privileges and by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.

1) An unspecified error in the 2D component of the client and server deployment can be exploited to potentially execute arbitrary code.

2) An unspecified error in the 2D component of the client and server deployment can be exploited to potentially execute arbitrary code.

3) An unspecified error in the AWT component of the client deployment can be exploited to potentially execute arbitrary code.

4) An unspecified error in the AWT component of the client deployment can be exploited to potentially execute arbitrary code.

5) An unspecified error in the AWT component of the client and server deployment can be exploited to potentially execute arbitrary code.

6) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code.

7) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code.

8) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code.

9) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code.

10) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code.

11) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code.

12) An unspecified error in the JMX component of the client deployment can be exploited to potentially execute arbitrary code.

13) An unspecified error in the JavaFX component of the client deployment can be exploited to potentially execute arbitrary code.

14) An unspecified error in the Libraries component of the client deployment can be exploited to potentially execute arbitrary code.

15) An unspecified error in the Libraries component of the client deployment can be exploited to potentially execute arbitrary code.

16) An unspecified error in the Libraries component of the client deployment can be exploited to potentially execute arbitrary code.

17) An unspecified error in the Scripting component of the client deployment can be exploited to potentially execute arbitrary code.

18) An unspecified error in the Sound component of the client deployment can be exploited to potentially execute arbitrary code.

19) An unspecified error in the Beans component of the client deployment can be exploited to potentially execute arbitrary code.

20) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code.

21) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code.

22) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code.

23) An unspecified error in the Deployment component of the client deployment can be exploited to disclose and manipulate certain data and cause a DoS.

24) An unspecified error in the Install component of the client deployment can be exploited by a local user to gain escalated privileges.

25) An unspecified error in the AWT component of the client deployment can be exploited to disclose and manipulate certain data.

26) An unspecified error in the Deployment component of the client deployment can be exploited to disclose certain data.

27) An unspecified error in the Deployment component of the client deployment can be exploited to manipulate certain data.

28) An unspecified error in the JAX-WS component of the client deployment can be exploited to disclose certain data.

29) An unspecified error in the JAXP component of the client deployment can be exploited to disclose certain data.

30) An unspecified error in the JMX component of the client deployment can be exploited to disclose certain data.

31) An unspecified error in the JMX component of the client deployment can be exploited to disclose certain data.

32) An unspecified error in the Libraries component of the client deployment can be exploited to manipulate certain data.

33) An unspecified error in the Libraries component of the client deployment can be exploited to manipulate certain data.

34) An unspecified error in the Networking component of the client deployment can be exploited to manipulate certain data.

35) An unspecified error in the RMI component of the client deployment can be exploited to manipulate certain data.

36) An unspecified error in the JSSE component of the server deployment can be exploited via SSL/TLS to cause a DoS.

37) An unspecified error in the Deployment component of the client deployment can be exploited to disclose certain data.

38) An unspecified error in the JSSE component of the client deployment can be exploited via SSL/TLS to disclose and manipulate certain data.

The vulnerabilities are reported in the following products: * JDK and JRE 7 Update 11 and earlier. * JDK and JRE 6 Update 38 and earlier. * JDK and JRE 5.0 Update 38 and earlier. * SDK and JRE 1.4.2_40 and earlier.

SOLUTION: Apply updates.

Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

PROVIDED AND/OR DISCOVERED BY: One of the vulnerabilities is reported as a 0-day. It is currently unclear who reported the remaining vulnerabilities as the Oracle Jave SE Critical Patch Update for February 2013 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information.

ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html

OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/

EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/


About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.


Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org


Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201302-0232",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "jre",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sun",
        "version": "1.6.0"
      },
      {
        "model": "jdk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "1.6.0"
      },
      {
        "model": "jdk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "sun",
        "version": "1.6.0"
      },
      {
        "model": "jre",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "1.7.0"
      },
      {
        "model": "jre",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "1.6.0"
      },
      {
        "model": "jdk",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "oracle",
        "version": "1.7.0"
      },
      {
        "model": "jre 1.6.0 03",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 17",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.7.0 8",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 30",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 18",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.6.0 35",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 22",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 05",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.6.0 28",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 14",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.6.0 21",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.6.0 20",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 1.6.0 32",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 38",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 25",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 07",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.6.0 35",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 18",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.6.0 27",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 19",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 1.7.0 10",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 03",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 17",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.7.0 2",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.7.0 8",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.7.0 2",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 14",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 04",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.7.0 10",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 04",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.6.0 25",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 37",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 27",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.7.0 11",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 15",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.6.0 30",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 12",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.7.0 7",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.7"
      },
      {
        "model": "jre 1.6.0 02",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.6.0 23",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 01",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.7.0 4",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.7.0 9",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 06",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.6.0 19",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.7.0 9",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 38",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 15",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 07",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.7.0 11",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 28",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 23",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 11",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 13",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 1.7.0 7",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 32",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 02",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 05",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.7.0 4",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 26",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 26",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 1.6.0 21",
        "scope": null,
        "trust": 0.9,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 1.6.0 24",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jre 06",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 11",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk 10",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jdk",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "oracle",
        "version": "1.7"
      },
      {
        "model": "jdk 1.6.0 22",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 1.6.0 24",
        "scope": null,
        "trust": 0.9,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk 13",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "apple",
        "version": null
      },
      {
        "model": null,
        "scope": null,
        "trust": 0.8,
        "vendor": "oracle",
        "version": null
      },
      {
        "model": "jdk",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "oracle",
        "version": "6 update 38"
      },
      {
        "model": "jdk",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "oracle",
        "version": "7 update 11"
      },
      {
        "model": "jre",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "oracle",
        "version": "6 update 38"
      },
      {
        "model": "jre",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "oracle",
        "version": "7 update 11"
      },
      {
        "model": "jdk",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "6 update 21"
      },
      {
        "model": "jre",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "sun microsystems",
        "version": "6 update 21"
      },
      {
        "model": "jdk 01-b06",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "jre 1.6.0 2",
        "scope": null,
        "trust": 0.6,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jdk 1.6.0 01",
        "scope": null,
        "trust": 0.6,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "jre 1.6.0 20",
        "scope": null,
        "trust": 0.6,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "meeting exchange web conferencing server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "-6.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.1"
      },
      {
        "model": "trio tview software",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "3.27.0"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1.1"
      },
      {
        "model": "cms r15",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "tivoli netcool/omnibus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.3.1"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.3"
      },
      {
        "model": "voice portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.10"
      },
      {
        "model": "jdk 01",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sun",
        "version": "1.6"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.2.1"
      },
      {
        "model": "cms r16.3",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "meeting exchange client registration server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "-6.0"
      },
      {
        "model": "voice portal sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "trio tview software",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "schneider electric",
        "version": "3.29.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "1.1"
      },
      {
        "model": "call management system r16.1",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.3"
      },
      {
        "model": "tivoli netcool/omnibus fix pack",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.3.16"
      },
      {
        "model": "lotus notes fix pack",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.35"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.2.3"
      },
      {
        "model": "lotus domino fix pack",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.35"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2.6"
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "7.11"
      },
      {
        "model": "aura session manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "aura communication manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.10"
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1.2"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.1.5"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.10"
      },
      {
        "model": "aura application server sip core",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "53002.0"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "call management system r16.2",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "ip office application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "8.0"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2.1"
      },
      {
        "model": "tivoli netcool/omnibus fix pack",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.311"
      },
      {
        "model": "ir",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.4"
      },
      {
        "model": "aura messaging",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.2"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "rational host on-demand",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "11.0.7"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.3"
      },
      {
        "model": "freeflow print server 73.c0.41",
        "scope": null,
        "trust": 0.3,
        "vendor": "xerox",
        "version": null
      },
      {
        "model": "tivoli netcool/omnibus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.2.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.2.2"
      },
      {
        "model": "enterprise linux desktop supplementary",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "aura messaging",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.2"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.3"
      },
      {
        "model": "enterprise linux supplementary server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.0.1"
      },
      {
        "model": "voice portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2.2"
      },
      {
        "model": "voice portal sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "interactive service manager web tier",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mercury",
        "version": "9.30"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2.4"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0"
      },
      {
        "model": "aura messaging",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0.1"
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.31"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2.3"
      },
      {
        "model": "aura session manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0.1"
      },
      {
        "model": "aura presence services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.2"
      },
      {
        "model": "aura presence services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.2"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.5"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.1"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.2"
      },
      {
        "model": "conferencing standard edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0.1"
      },
      {
        "model": "cms r17",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "voice portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "voice portal sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "call management system r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "15"
      },
      {
        "model": "interactive service manager web tier",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mercury",
        "version": "7.11"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2"
      },
      {
        "model": "linux lts amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.1"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.2"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.1.1"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "aura system manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "aura communication manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.3"
      },
      {
        "model": "aura session manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "ip office server edition",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "8.1"
      },
      {
        "model": "tivoli netcool/omnibus fix pack",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.2.113"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.2"
      },
      {
        "model": "call management system r16.3",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "freeflow print server 73.c5.11",
        "scope": null,
        "trust": 0.3,
        "vendor": "xerox",
        "version": null
      },
      {
        "model": "voice portal sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "enterprise linux server supplementary",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.2.3"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1.1"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.3"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2.3"
      },
      {
        "model": "meeting exchange streaming server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "-6.0"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "call management system r",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "16"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.2"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2.5"
      },
      {
        "model": "communication server 1000m",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.3"
      },
      {
        "model": "enterprise linux workstation supplementary",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "servicecenter web tier",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "6.2.8"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.2"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.2"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.2"
      },
      {
        "model": "tivoli netcool/omnibus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.3"
      },
      {
        "model": "communication server 1000m signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5"
      },
      {
        "model": "aura messaging",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "meeting exchange recording server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "-6.0"
      },
      {
        "model": "communication server 1000e",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.1"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.2.2"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.2.1"
      },
      {
        "model": "interactive service manager web tier",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mercury",
        "version": "9.31"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "aura experience portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0.2"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1.1"
      },
      {
        "model": "linux lts i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "12.04"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.2.1"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.1"
      },
      {
        "model": "aura experience portal sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "mac os server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "model": "aura presence services sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "aura presence services sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "aura system manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "tivoli netcool/omnibus fix pack",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.41"
      },
      {
        "model": "aura system manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2.1"
      },
      {
        "model": "communication server 1000m signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      },
      {
        "model": "aura experience portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.4"
      },
      {
        "model": "communication server 1000e",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.2.2"
      },
      {
        "model": "aura session manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.5"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.1.4"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2.2"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1.2"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "11.10"
      },
      {
        "model": "aura session manager sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.1"
      },
      {
        "model": "aura presence services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.0"
      },
      {
        "model": "ip office application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "8.1"
      },
      {
        "model": "messaging application server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.1"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.1.2"
      },
      {
        "model": "aura conferencing sp1 standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.1.3"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.2"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.1"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.0.1"
      },
      {
        "model": "aura session manager sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.2"
      },
      {
        "model": "mac os",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apple",
        "version": "x10.6.8"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5"
      },
      {
        "model": "aura application server sip core",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "53003.0"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0.2.4"
      },
      {
        "model": "lotus notes",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "9.0"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.0"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1.1"
      },
      {
        "model": "aura experience portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0.1"
      },
      {
        "model": "lotus domino",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "8.5.1"
      },
      {
        "model": "aura experience portal sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.5"
      },
      {
        "model": "communication server 1000e signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.3"
      },
      {
        "model": "aura messaging",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "cms r16",
        "scope": null,
        "trust": 0.3,
        "vendor": "avaya",
        "version": null
      },
      {
        "model": "aura system manager sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.2"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.2"
      },
      {
        "model": "jdk 1.6.0 01-b06",
        "scope": null,
        "trust": 0.3,
        "vendor": "sun",
        "version": null
      },
      {
        "model": "aura conferencing",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      },
      {
        "model": "aura system manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.2"
      },
      {
        "model": "conferencing standard edition",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      },
      {
        "model": "meeting exchange webportal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "-6.0"
      },
      {
        "model": "aura application enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.1"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "enterprise linux hpc node supplementary",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "6"
      },
      {
        "model": "enterprise linux desktop supplementary client",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "5"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ubuntu",
        "version": "10.04"
      },
      {
        "model": "message networking",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2.4"
      },
      {
        "model": "aura session manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.2"
      },
      {
        "model": "communication server 1000e signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.5"
      },
      {
        "model": "aura communication manager utility services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.1.0.9.8"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1.3"
      },
      {
        "model": "voice portal",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.1"
      },
      {
        "model": "rational host on-demand",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "11.0"
      },
      {
        "model": "service manager p2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.31.2004"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5"
      },
      {
        "model": "aura sip enablement services",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "3.0"
      },
      {
        "model": "communication server 1000m",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.5"
      },
      {
        "model": "communication server 1000e signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      },
      {
        "model": "proactive contact",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "4.0.1"
      },
      {
        "model": "tivoli netcool/omnibus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "ibm",
        "version": "7.4"
      },
      {
        "model": "iq",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "5.1"
      },
      {
        "model": "aura conferencing standard",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "6.0"
      },
      {
        "model": "communication server 1000m signaling server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.5"
      },
      {
        "model": "aura application server sip core",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "53002.1"
      },
      {
        "model": "communication server 1000e",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.5"
      },
      {
        "model": "service manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "hp",
        "version": "9.30"
      },
      {
        "model": "communication server 1000m",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "avaya",
        "version": "7.0"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#858729"
      },
      {
        "db": "BID",
        "id": "57722"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001398"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0430"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:oracle:jdk",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:oracle:jre",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:sun:jdk",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:sun:jre",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001398"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Oracle",
    "sources": [
      {
        "db": "BID",
        "id": "57722"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2013-0430",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 3.4,
            "id": "CVE-2013-0430",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2013-0430",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2013-0430",
            "trust": 0.8,
            "value": "Medium"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001398"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0430"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process of the client. Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. (DoS) An attack may be carried out. Oracle Java SE is prone to a remote security vulnerability in Java Runtime Environment. \nThis issue affects the \u0027Install\u0027 sub-component. \nThis vulnerability affects the following supported versions:\n7 Update 11 and prior,  6 Update 38 and prior\nNote: This issue was previously discussed in  BID 57670 (Oracle Java Runtime Environment Multiple Security  Vulnerabilities) but has been given its own record to better document  it. ============================================================================\nUbuntu Security Notice USN-1724-1\nFebruary 14, 2013\n\nopenjdk-6, openjdk-7 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK. \n\nSoftware Description:\n- openjdk-7: Open Source Java implementation\n- openjdk-6: Open Source Java implementation\n\nDetails:\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure and data integrity. An attacker could exploit these\nto cause a denial of service. (CVE-2012-1541, CVE-2012-3342, CVE-2013-0351,\nCVE-2013-0419, CVE-2013-0423, CVE-2013-0446, CVE-2012-3213, CVE-2013-0425,\nCVE-2013-0426, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0441,\nCVE-2013-0442, CVE-2013-0445, CVE-2013-0450, CVE-2013-1475, CVE-2013-1476,\nCVE-2013-1478, CVE-2013-1480)\n\nVulnerabilities were discovered in the OpenJDK JRE related to information\ndisclosure. (CVE-2013-0409, CVE-2013-0434, CVE-2013-0438)\n\nSeveral data integrity vulnerabilities were discovered in the OpenJDK JRE. \n(CVE-2013-0424, CVE-2013-0427, CVE-2013-0433, CVE-2013-1473)\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure and data integrity. (CVE-2013-0432, CVE-2013-0435,\nCVE-2013-0443)\n\nA vulnerability was discovered in the OpenJDK JRE related to availability. \nAn attacker could exploit this to cause a denial of service. \n(CVE-2013-0440)\n\nA vulnerability was discovered in the OpenJDK JRE related to information\ndisclosure and data integrity. An attacker could exploit this to cause a\ndenial of service. (CVE-2013-0444)\n\nA data integrity vulnerability was discovered in the OpenJDK JRE. (CVE-2013-0448)\n\nAn information disclosure vulnerability was discovered in the OpenJDK JRE. (CVE-2013-0449)\n\nA vulnerability was discovered in the OpenJDK JRE related to information\ndisclosure and data integrity. An attacker could exploit this to cause a\ndenial of service. (CVE-2013-1481)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.10:\n  icedtea-7-jre-jamvm             7u13-2.3.6-0ubuntu0.12.10.1\n  openjdk-7-jre                   7u13-2.3.6-0ubuntu0.12.10.1\n  openjdk-7-jre-headless          7u13-2.3.6-0ubuntu0.12.10.1\n  openjdk-7-jre-lib               7u13-2.3.6-0ubuntu0.12.10.1\n  openjdk-7-jre-zero              7u13-2.3.6-0ubuntu0.12.10.1\n\nUbuntu 12.04 LTS:\n  icedtea-6-jre-cacao             6b27-1.12.1-2ubuntu0.12.04.2\n  icedtea-6-jre-jamvm             6b27-1.12.1-2ubuntu0.12.04.2\n  openjdk-6-jre                   6b27-1.12.1-2ubuntu0.12.04.2\n  openjdk-6-jre-headless          6b27-1.12.1-2ubuntu0.12.04.2\n  openjdk-6-jre-lib               6b27-1.12.1-2ubuntu0.12.04.2\n  openjdk-6-jre-zero              6b27-1.12.1-2ubuntu0.12.04.2\n\nUbuntu 11.10:\n  icedtea-6-jre-cacao             6b27-1.12.1-2ubuntu0.11.10.2\n  icedtea-6-jre-jamvm             6b27-1.12.1-2ubuntu0.11.10.2\n  openjdk-6-jre                   6b27-1.12.1-2ubuntu0.11.10.2\n  openjdk-6-jre-headless          6b27-1.12.1-2ubuntu0.11.10.2\n  openjdk-6-jre-lib               6b27-1.12.1-2ubuntu0.11.10.2\n  openjdk-6-jre-zero              6b27-1.12.1-2ubuntu0.11.10.2\n\nUbuntu 10.04 LTS:\n  icedtea-6-jre-cacao             6b27-1.12.1-2ubuntu0.10.04.2\n  openjdk-6-jre                   6b27-1.12.1-2ubuntu0.10.04.2\n  openjdk-6-jre-headless          6b27-1.12.1-2ubuntu0.10.04.2\n  openjdk-6-jre-lib               6b27-1.12.1-2ubuntu0.10.04.2\n  openjdk-6-jre-zero              6b27-1.12.1-2ubuntu0.10.04.2\n\nThis update uses a new upstream release which includes additional bug\nfixes. After a standard system update you need to restart any Java\napplications or applets to make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory                           GLSA 201401-30\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n                                            http://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: High\n    Title: Oracle JRE/JDK: Multiple vulnerabilities\n     Date: January 27, 2014\n     Bugs: #404071, #421073, #433094, #438706, #451206, #455174,\n           #458444, #460360, #466212, #473830, #473980, #488210, #498148\n       ID: 201401-30\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in the Oracle JRE/JDK,\nallowing attackers to cause unspecified impact. \n\nAffected packages\n=================\n\n    -------------------------------------------------------------------\n     Package              /     Vulnerable     /            Unaffected\n    -------------------------------------------------------------------\n  1  dev-java/sun-jdk           \u003c= 1.6.0.45                Vulnerable!\n  2  dev-java/oracle-jdk-bin     \u003c 1.7.0.51              \u003e= 1.7.0.51 *\n  3  dev-java/sun-jre-bin       \u003c= 1.6.0.45                Vulnerable!\n  4  dev-java/oracle-jre-bin     \u003c 1.7.0.51              \u003e= 1.7.0.51 *\n  5  app-emulation/emul-linux-x86-java\n                                 \u003c 1.7.0.51              \u003e= 1.7.0.51 *\n    -------------------------------------------------------------------\n     NOTE: Certain packages are still vulnerable. Users should migrate\n           to another package if one is available or wait for the\n           existing packages to be marked stable by their\n           architecture maintainers. \n    -------------------------------------------------------------------\n     NOTE: Packages marked with asterisks require manual intervention!\n    -------------------------------------------------------------------\n     5 affected packages\n\nDescription\n===========\n\nMultiple vulnerabilities have been reported in the Oracle Java\nimplementation. Please review the CVE identifiers referenced below for\ndetails. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Oracle JDK 1.7 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jdk-bin-1.7.0.51\"\n\nAll Oracle JRE 1.7 users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot -v \"\u003e=dev-java/oracle-jre-bin-1.7.0.51\"\n\nAll users of the precompiled 32-bit Oracle JRE should upgrade to the\nlatest version:\n\n  # emerge --sync\n  # emerge -a -1 -v \"\u003e=app-emulation/emul-linux-x86-java-1.7.0.51\"\n\nAll Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one\nof the newer Oracle packages like dev-java/oracle-jdk-bin or\ndev-java/oracle-jre-bin or choose another alternative we provide; eg. \nthe IBM JDK/JRE or the open source IcedTea. \n\nReferences\n==========\n\n[   1 ] CVE-2011-3563\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563\n[   2 ] CVE-2011-5035\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035\n[   3 ] CVE-2012-0497\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497\n[   4 ] CVE-2012-0498\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498\n[   5 ] CVE-2012-0499\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499\n[   6 ] CVE-2012-0500\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500\n[   7 ] CVE-2012-0501\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501\n[   8 ] CVE-2012-0502\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502\n[   9 ] CVE-2012-0503\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503\n[  10 ] CVE-2012-0504\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504\n[  11 ] CVE-2012-0505\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505\n[  12 ] CVE-2012-0506\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506\n[  13 ] CVE-2012-0507\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507\n[  14 ] CVE-2012-0547\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547\n[  15 ] CVE-2012-1531\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531\n[  16 ] CVE-2012-1532\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532\n[  17 ] CVE-2012-1533\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533\n[  18 ] CVE-2012-1541\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541\n[  19 ] CVE-2012-1682\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682\n[  20 ] CVE-2012-1711\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711\n[  21 ] CVE-2012-1713\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713\n[  22 ] CVE-2012-1716\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716\n[  23 ] CVE-2012-1717\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717\n[  24 ] CVE-2012-1718\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718\n[  25 ] CVE-2012-1719\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719\n[  26 ] CVE-2012-1721\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721\n[  27 ] CVE-2012-1722\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722\n[  28 ] CVE-2012-1723\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723\n[  29 ] CVE-2012-1724\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724\n[  30 ] CVE-2012-1725\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725\n[  31 ] CVE-2012-1726\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726\n[  32 ] CVE-2012-3136\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136\n[  33 ] CVE-2012-3143\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143\n[  34 ] CVE-2012-3159\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159\n[  35 ] CVE-2012-3174\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174\n[  36 ] CVE-2012-3213\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213\n[  37 ] CVE-2012-3216\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216\n[  38 ] CVE-2012-3342\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342\n[  39 ] CVE-2012-4416\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416\n[  40 ] CVE-2012-4681\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681\n[  41 ] CVE-2012-5067\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067\n[  42 ] CVE-2012-5068\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068\n[  43 ] CVE-2012-5069\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069\n[  44 ] CVE-2012-5070\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070\n[  45 ] CVE-2012-5071\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071\n[  46 ] CVE-2012-5072\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072\n[  47 ] CVE-2012-5073\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073\n[  48 ] CVE-2012-5074\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074\n[  49 ] CVE-2012-5075\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075\n[  50 ] CVE-2012-5076\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076\n[  51 ] CVE-2012-5077\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077\n[  52 ] CVE-2012-5079\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079\n[  53 ] CVE-2012-5081\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081\n[  54 ] CVE-2012-5083\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083\n[  55 ] CVE-2012-5084\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084\n[  56 ] CVE-2012-5085\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085\n[  57 ] CVE-2012-5086\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086\n[  58 ] CVE-2012-5087\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087\n[  59 ] CVE-2012-5088\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088\n[  60 ] CVE-2012-5089\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089\n[  61 ] CVE-2013-0169\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169\n[  62 ] CVE-2013-0351\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351\n[  63 ] CVE-2013-0401\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401\n[  64 ] CVE-2013-0402\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402\n[  65 ] CVE-2013-0409\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409\n[  66 ] CVE-2013-0419\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419\n[  67 ] CVE-2013-0422\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422\n[  68 ] CVE-2013-0423\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423\n[  69 ] CVE-2013-0430\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430\n[  70 ] CVE-2013-0437\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437\n[  71 ] CVE-2013-0438\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438\n[  72 ] CVE-2013-0445\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445\n[  73 ] CVE-2013-0446\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446\n[  74 ] CVE-2013-0448\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448\n[  75 ] CVE-2013-0449\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449\n[  76 ] CVE-2013-0809\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809\n[  77 ] CVE-2013-1473\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473\n[  78 ] CVE-2013-1479\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479\n[  79 ] CVE-2013-1481\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481\n[  80 ] CVE-2013-1484\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484\n[  81 ] CVE-2013-1485\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485\n[  82 ] CVE-2013-1486\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486\n[  83 ] CVE-2013-1487\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487\n[  84 ] CVE-2013-1488\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488\n[  85 ] CVE-2013-1491\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491\n[  86 ] CVE-2013-1493\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493\n[  87 ] CVE-2013-1500\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500\n[  88 ] CVE-2013-1518\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518\n[  89 ] CVE-2013-1537\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537\n[  90 ] CVE-2013-1540\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540\n[  91 ] CVE-2013-1557\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557\n[  92 ] CVE-2013-1558\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558\n[  93 ] CVE-2013-1561\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561\n[  94 ] CVE-2013-1563\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563\n[  95 ] CVE-2013-1564\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564\n[  96 ] CVE-2013-1569\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569\n[  97 ] CVE-2013-1571\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571\n[  98 ] CVE-2013-2383\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383\n[  99 ] CVE-2013-2384\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384\n[ 100 ] CVE-2013-2394\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394\n[ 101 ] CVE-2013-2400\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400\n[ 102 ] CVE-2013-2407\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407\n[ 103 ] CVE-2013-2412\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412\n[ 104 ] CVE-2013-2414\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414\n[ 105 ] CVE-2013-2415\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415\n[ 106 ] CVE-2013-2416\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416\n[ 107 ] CVE-2013-2417\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417\n[ 108 ] CVE-2013-2418\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418\n[ 109 ] CVE-2013-2419\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419\n[ 110 ] CVE-2013-2420\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420\n[ 111 ] CVE-2013-2421\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421\n[ 112 ] CVE-2013-2422\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422\n[ 113 ] CVE-2013-2423\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423\n[ 114 ] CVE-2013-2424\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424\n[ 115 ] CVE-2013-2425\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425\n[ 116 ] CVE-2013-2426\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426\n[ 117 ] CVE-2013-2427\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427\n[ 118 ] CVE-2013-2428\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428\n[ 119 ] CVE-2013-2429\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429\n[ 120 ] CVE-2013-2430\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430\n[ 121 ] CVE-2013-2431\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431\n[ 122 ] CVE-2013-2432\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432\n[ 123 ] CVE-2013-2433\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433\n[ 124 ] CVE-2013-2434\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434\n[ 125 ] CVE-2013-2435\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435\n[ 126 ] CVE-2013-2436\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436\n[ 127 ] CVE-2013-2437\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437\n[ 128 ] CVE-2013-2438\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438\n[ 129 ] CVE-2013-2439\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439\n[ 130 ] CVE-2013-2440\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440\n[ 131 ] CVE-2013-2442\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442\n[ 132 ] CVE-2013-2443\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443\n[ 133 ] CVE-2013-2444\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444\n[ 134 ] CVE-2013-2445\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445\n[ 135 ] CVE-2013-2446\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446\n[ 136 ] CVE-2013-2447\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447\n[ 137 ] CVE-2013-2448\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448\n[ 138 ] CVE-2013-2449\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449\n[ 139 ] CVE-2013-2450\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450\n[ 140 ] CVE-2013-2451\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451\n[ 141 ] CVE-2013-2452\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452\n[ 142 ] CVE-2013-2453\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453\n[ 143 ] CVE-2013-2454\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454\n[ 144 ] CVE-2013-2455\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455\n[ 145 ] CVE-2013-2456\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456\n[ 146 ] CVE-2013-2457\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457\n[ 147 ] CVE-2013-2458\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458\n[ 148 ] CVE-2013-2459\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459\n[ 149 ] CVE-2013-2460\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460\n[ 150 ] CVE-2013-2461\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461\n[ 151 ] CVE-2013-2462\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462\n[ 152 ] CVE-2013-2463\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463\n[ 153 ] CVE-2013-2464\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464\n[ 154 ] CVE-2013-2465\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465\n[ 155 ] CVE-2013-2466\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466\n[ 156 ] CVE-2013-2467\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467\n[ 157 ] CVE-2013-2468\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468\n[ 158 ] CVE-2013-2469\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469\n[ 159 ] CVE-2013-2470\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470\n[ 160 ] CVE-2013-2471\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471\n[ 161 ] CVE-2013-2472\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472\n[ 162 ] CVE-2013-2473\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473\n[ 163 ] CVE-2013-3743\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743\n[ 164 ] CVE-2013-3744\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744\n[ 165 ] CVE-2013-3829\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829\n[ 166 ] CVE-2013-5772\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772\n[ 167 ] CVE-2013-5774\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774\n[ 168 ] CVE-2013-5775\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775\n[ 169 ] CVE-2013-5776\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776\n[ 170 ] CVE-2013-5777\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777\n[ 171 ] CVE-2013-5778\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778\n[ 172 ] CVE-2013-5780\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780\n[ 173 ] CVE-2013-5782\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782\n[ 174 ] CVE-2013-5783\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783\n[ 175 ] CVE-2013-5784\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784\n[ 176 ] CVE-2013-5787\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787\n[ 177 ] CVE-2013-5788\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788\n[ 178 ] CVE-2013-5789\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789\n[ 179 ] CVE-2013-5790\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790\n[ 180 ] CVE-2013-5797\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797\n[ 181 ] CVE-2013-5800\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800\n[ 182 ] CVE-2013-5801\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801\n[ 183 ] CVE-2013-5802\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802\n[ 184 ] CVE-2013-5803\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803\n[ 185 ] CVE-2013-5804\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804\n[ 186 ] CVE-2013-5805\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805\n[ 187 ] CVE-2013-5806\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806\n[ 188 ] CVE-2013-5809\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809\n[ 189 ] CVE-2013-5810\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810\n[ 190 ] CVE-2013-5812\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812\n[ 191 ] CVE-2013-5814\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814\n[ 192 ] CVE-2013-5817\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817\n[ 193 ] CVE-2013-5818\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818\n[ 194 ] CVE-2013-5819\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819\n[ 195 ] CVE-2013-5820\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820\n[ 196 ] CVE-2013-5823\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823\n[ 197 ] CVE-2013-5824\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824\n[ 198 ] CVE-2013-5825\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825\n[ 199 ] CVE-2013-5829\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829\n[ 200 ] CVE-2013-5830\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830\n[ 201 ] CVE-2013-5831\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831\n[ 202 ] CVE-2013-5832\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832\n[ 203 ] CVE-2013-5838\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838\n[ 204 ] CVE-2013-5840\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840\n[ 205 ] CVE-2013-5842\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842\n[ 206 ] CVE-2013-5843\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843\n[ 207 ] CVE-2013-5844\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844\n[ 208 ] CVE-2013-5846\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846\n[ 209 ] CVE-2013-5848\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848\n[ 210 ] CVE-2013-5849\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849\n[ 211 ] CVE-2013-5850\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850\n[ 212 ] CVE-2013-5851\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851\n[ 213 ] CVE-2013-5852\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852\n[ 214 ] CVE-2013-5854\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854\n[ 215 ] CVE-2013-5870\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870\n[ 216 ] CVE-2013-5878\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878\n[ 217 ] CVE-2013-5887\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887\n[ 218 ] CVE-2013-5888\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888\n[ 219 ] CVE-2013-5889\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889\n[ 220 ] CVE-2013-5893\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893\n[ 221 ] CVE-2013-5895\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895\n[ 222 ] CVE-2013-5896\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896\n[ 223 ] CVE-2013-5898\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898\n[ 224 ] CVE-2013-5899\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899\n[ 225 ] CVE-2013-5902\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902\n[ 226 ] CVE-2013-5904\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904\n[ 227 ] CVE-2013-5905\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905\n[ 228 ] CVE-2013-5906\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906\n[ 229 ] CVE-2013-5907\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907\n[ 230 ] CVE-2013-5910\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910\n[ 231 ] CVE-2014-0368\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368\n[ 232 ] CVE-2014-0373\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373\n[ 233 ] CVE-2014-0375\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375\n[ 234 ] CVE-2014-0376\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376\n[ 235 ] CVE-2014-0382\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382\n[ 236 ] CVE-2014-0385\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385\n[ 237 ] CVE-2014-0387\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387\n[ 238 ] CVE-2014-0403\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403\n[ 239 ] CVE-2014-0408\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408\n[ 240 ] CVE-2014-0410\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410\n[ 241 ] CVE-2014-0411\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411\n[ 242 ] CVE-2014-0415\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415\n[ 243 ] CVE-2014-0416\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416\n[ 244 ] CVE-2014-0417\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417\n[ 245 ] CVE-2014-0418\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418\n[ 246 ] CVE-2014-0422\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422\n[ 247 ] CVE-2014-0423\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423\n[ 248 ] CVE-2014-0424\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424\n[ 249 ] CVE-2014-0428\n        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n http://security.gentoo.org/glsa/glsa-201401-30.xml\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2014 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. \n\nRelease Date: 2013-04-29\nLast Updated: 2013-04-29\n\nPotential Security Impact: Java Runtime Environment (JRE) security update\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nSeveral potential security vulnerabilities have been identified with HP\nService Manager for Windows, Linux, HP-UX, Solaris and AIX. \n\nReferences: CVE-2013-1487, CVE-2013-1486,\nCVE-2013-1484,CVE-2013-1485,CVE-2013-0169, CVE-2013-0437, CVE-2013-1478,\nCVE-2013-0442, CVE-2013-0445, CVE-2013-1480, CVE-2013-0441, CVE-2013-1475,\nCVE-2013-1476, CVE-2012-1541, CVE-2013-0446, CVE-2012-3342, CVE-2013-0450,\nCVE-2013-1479, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2012-3213,\nCVE-2013-1481, CVE-2013-0436, CVE-2013-0439, CVE-2013-0447, CVE-2013-1472,\nCVE-2012-4301, CVE-2013-1477, CVE-2013-1482, CVE-2013-1483, CVE-2013-1474,\nCVE-2012-4305, CVE-2013-0444, CVE-2013-0429, CVE-2013-0419, CVE-2013-0423,\nCVE-2012-1543, CVE-2013-0351, CVE-2013-0430, CVE-2013-0432, CVE-2013-0449,\nCVE-2013-1473, CVE-2013-0435, CVE-2013-0434, CVE-2013-0409, CVE-2013-0431,\nCVE-2013-0427, CVE-2013-0448, CVE-2013-0433, CVE-2013-0424, CVE-2013-0440,\nCVE-2013-0438, CVE-2013-0443, CVE-2013-1489\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP Service Manager for Windows, Linux, HP-UX, Solaris and AIX v 9.30, v9.31\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n  Reference              Base Vector             Base Score\nCVE-2012-1541    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2012-1543    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2012-3213    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2012-3342    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2012-4301    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2012-4305    (AV:N/AC:M/Au:N/C:C/I:C/A:C)        9.3\nCVE-2013-0169    (AV:N/AC:H/Au:N/C:P/I:N/A:N)        2.6\nCVE-2013-0351    (AV:N/AC:L/Au:N/C:P/I:P/A:P)        7.5\nCVE-2013-0409    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2013-0419    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2013-0423    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2013-0424    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2013-0425    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0426    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0427    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2013-0428    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0429    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2013-0430    (AV:L/AC:M/Au:N/C:C/I:C/A:C)        6.9\nCVE-2013-0431    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2013-0432    (AV:N/AC:L/Au:N/C:P/I:P/A:N)        6.4\nCVE-2013-0433    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2013-0434    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2013-0435    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2013-0436    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0437    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0438    (AV:N/AC:M/Au:N/C:P/I:N/A:N)        4.3\nCVE-2013-0439    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0440    (AV:N/AC:L/Au:N/C:N/I:N/A:P)        5.0\nCVE-2013-0441    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0442    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0443    (AV:N/AC:H/Au:N/C:P/I:P/A:N)        4.0\nCVE-2013-0444    (AV:N/AC:H/Au:N/C:C/I:C/A:C)        7.6\nCVE-2013-0445    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0446    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0447    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-0448    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2013-0449    (AV:N/AC:L/Au:N/C:P/I:N/A:N)        5.0\nCVE-2013-0450    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1472    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1473    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2013-1474    (AV:N/AC:M/Au:N/C:C/I:C/A:C)        9.3\nCVE-2013-1475    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1476    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1477    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1478    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1479    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1480    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1481    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1482    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1483    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1484    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1485    (AV:N/AC:L/Au:N/C:N/I:P/A:N)        5.0\nCVE-2013-1486    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1487    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\nCVE-2013-1489    (AV:N/AC:L/Au:N/C:C/I:C/A:C)       10.0\n===========================================================\n             Information on CVSS is documented\n            in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided an update for Service Manager that updates the JRE to the\nlatest version, thus eliminating known JRE7-related security vulnerabilities. \nDownload and install the updates from The HP Software Support Online (SSO). \n\nSM 9.31P2 Server Windows Server 9.31.2004 p2\n http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00423\n\nHP Itanium Server 9.31.2004 p2\n http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00420\n\nLinux Server 9.31.2004 p2\n http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00421\n\nSolaris Server 9.31.2004 p2\n http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00422\n\nAIX Server 9.31.2004 p2\n http://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00419\n\nSM 9.31P2 Web Tier\nWeb Tier 9.31.2004 p2\nhttp://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00424\n\nSM 9.31P2 Windows Client\nWindows Client 9.31.2004 p2\nhttp://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00425\n\nSM 9.31P2 Knowledge Management\nSM 9.31P2 Knowledge Management\nhttp://support.openview.hp.com/selfsolve/document/FID/DOCUMENTUM_HPSM_00426\n\nHISTORY\nVersion:1 (rev.1) - 29 April 2013 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel.  For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated\nperiodically, is contained in HP Security Notice HPSN-2011-001:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttp://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Critical: java-1.6.0-sun security update\nAdvisory ID:       RHSA-2013:0236-01\nProduct:           Red Hat Enterprise Linux Extras\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2013-0236.html\nIssue date:        2013-02-04\nCVE Names:         CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 \n                   CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 \n                   CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 \n                   CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 \n                   CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 \n                   CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 \n                   CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 \n                   CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 \n                   CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 \n                   CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 \n                   CVE-2013-1480 CVE-2013-1481 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.6.0-sun packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. \n(CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409,\nCVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426,\nCVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0432,\nCVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440,\nCVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446,\nCVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478,\nCVE-2013-1480, CVE-2013-1481)\n\nAll users of java-1.6.0-sun are advised to upgrade to these updated\npackages, which provide Oracle Java 6 Update 39. All running instances of\nOracle Java must be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393)\n860652 - CVE-2013-1475 OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50)\n906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318)\n906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068)\n906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972)\n906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977)\n906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057)\n906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325)\n906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537)\n906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906930 - CVE-2013-0430 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Install)\n906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29)\n907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952)\n907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting)\n907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound)\n907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX)\n907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392)\n907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509)\n907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528)\n907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)\n907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941)\n907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071)\n907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631)\n907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066)\n907460 - CVE-2013-0429 OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6):\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-1541.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3213.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3342.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0351.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0409.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0419.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0423.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0424.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0425.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0426.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0427.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0428.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0429.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0430.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0432.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0433.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0434.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0435.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0438.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0440.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0441.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0442.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0443.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0445.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0446.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0450.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1473.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1475.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1476.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1478.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1480.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1481.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e.  More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFREE7WXlSAg2UNWIIRAuWTAJ4g2iIk0XnUEpbIXz6nDgDjaHxz7ACbBcjy\ngqkoqFew2BZDYA/n817qYO8=\n=m5pJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nOracle Java Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52064\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52064/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52064\n\nRELEASE DATE:\n2013-02-02\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52064/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52064/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52064\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Oracle Java, which can\nbe exploited by malicious local users to gain escalated privileges and\nby malicious people to disclose certain sensitive information,\nmanipulate certain data, cause a DoS (Denial of Service), and\ncompromise a vulnerable system. \n\n1) An unspecified error in the 2D component of the client and server\ndeployment can be exploited to potentially execute arbitrary code. \n\n2) An unspecified error in the 2D component of the client and server\ndeployment can be exploited to potentially execute arbitrary code. \n\n3) An unspecified error in the AWT component of the client deployment\ncan be exploited to potentially execute arbitrary code. \n\n4) An unspecified error in the AWT component of the client deployment\ncan be exploited to potentially execute arbitrary code. \n\n5) An unspecified error in the AWT component of the client and server\ndeployment can be exploited to potentially execute arbitrary code. \n\n6) An unspecified error in the CORBA component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n7) An unspecified error in the CORBA component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n8) An unspecified error in the CORBA component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n9) An unspecified error in the Deployment component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n10) An unspecified error in the Deployment component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n11) An unspecified error in the Deployment component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n12) An unspecified error in the JMX component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n13) An unspecified error in the JavaFX component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n14) An unspecified error in the Libraries component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n15) An unspecified error in the Libraries component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n16) An unspecified error in the Libraries component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n17) An unspecified error in the Scripting component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n18) An unspecified error in the Sound component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n19) An unspecified error in the Beans component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n20) An unspecified error in the CORBA component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n21) An unspecified error in the Deployment component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n22) An unspecified error in the Deployment component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n23) An unspecified error in the Deployment component of the client\ndeployment can be exploited to disclose and manipulate certain data\nand cause a DoS. \n\n24) An unspecified error in the Install component of the client\ndeployment can be exploited by a local user to gain escalated\nprivileges. \n\n25) An unspecified error in the AWT component of the client\ndeployment can be exploited to disclose and manipulate certain data. \n\n26) An unspecified error in the Deployment component of the client\ndeployment can be exploited to disclose certain data. \n\n27) An unspecified error in the Deployment component of the client\ndeployment can be exploited to manipulate certain data. \n\n28) An unspecified error in the JAX-WS component of the client\ndeployment can be exploited to disclose certain data. \n\n29) An unspecified error in the JAXP component of the client\ndeployment can be exploited to disclose certain data. \n\n30) An unspecified error in the JMX component of the client\ndeployment can be exploited to disclose certain data. \n\n31) An unspecified error in the JMX component of the client\ndeployment can be exploited to disclose certain data. \n\n32) An unspecified error in the Libraries component of the client\ndeployment can be exploited to manipulate certain data. \n\n33) An unspecified error in the Libraries component of the client\ndeployment can be exploited to manipulate certain data. \n\n34) An unspecified error in the Networking component of the client\ndeployment can be exploited to manipulate certain data. \n\n35) An unspecified error in the RMI component of the client\ndeployment can be exploited to manipulate certain data. \n\n36) An unspecified error in the JSSE component of the server\ndeployment can be exploited via SSL/TLS to cause a DoS. \n\n37) An unspecified error in the Deployment component of the client\ndeployment can be exploited to disclose certain data. \n\n38) An unspecified error in the JSSE component of the client\ndeployment can be exploited via SSL/TLS to disclose and manipulate\ncertain data. \n\nThe vulnerabilities are reported in the following products:\n* JDK and JRE 7 Update 11 and earlier. \n* JDK and JRE 6 Update 38 and earlier. \n* JDK and JRE 5.0 Update 38 and earlier. \n* SDK and JRE 1.4.2_40 and earlier. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nOne of the vulnerabilities is reported as a 0-day. It is currently\nunclear who reported the remaining vulnerabilities as the Oracle Jave\nSE Critical Patch Update for February 2013 only provides a bundled\nlist of credits. This section will be updated when/if the original\nreporter provides more information. \n\nORIGINAL ADVISORY:\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0430"
      },
      {
        "db": "CERT/CC",
        "id": "VU#858729"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001398"
      },
      {
        "db": "BID",
        "id": "57722"
      },
      {
        "db": "PACKETSTORM",
        "id": "123874"
      },
      {
        "db": "PACKETSTORM",
        "id": "120334"
      },
      {
        "db": "PACKETSTORM",
        "id": "124943"
      },
      {
        "db": "PACKETSTORM",
        "id": "121464"
      },
      {
        "db": "PACKETSTORM",
        "id": "120030"
      },
      {
        "db": "PACKETSTORM",
        "id": "124431"
      },
      {
        "db": "PACKETSTORM",
        "id": "120009"
      },
      {
        "db": "PACKETSTORM",
        "id": "120031"
      }
    ],
    "trust": 3.33
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#858729",
        "trust": 2.9
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0430",
        "trust": 2.8
      },
      {
        "db": "USCERT",
        "id": "TA13-032A",
        "trust": 1.8
      },
      {
        "db": "BID",
        "id": "57722",
        "trust": 1.3
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001398",
        "trust": 0.8
      },
      {
        "db": "ICS CERT",
        "id": "ICSA-17-213-02",
        "trust": 0.3
      },
      {
        "db": "PACKETSTORM",
        "id": "123874",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "120334",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "124943",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "121464",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "120030",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "124431",
        "trust": 0.1
      },
      {
        "db": "SECUNIA",
        "id": "52064",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "120009",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "120031",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#858729"
      },
      {
        "db": "BID",
        "id": "57722"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001398"
      },
      {
        "db": "PACKETSTORM",
        "id": "123874"
      },
      {
        "db": "PACKETSTORM",
        "id": "120334"
      },
      {
        "db": "PACKETSTORM",
        "id": "124943"
      },
      {
        "db": "PACKETSTORM",
        "id": "121464"
      },
      {
        "db": "PACKETSTORM",
        "id": "120030"
      },
      {
        "db": "PACKETSTORM",
        "id": "124431"
      },
      {
        "db": "PACKETSTORM",
        "id": "120009"
      },
      {
        "db": "PACKETSTORM",
        "id": "120031"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0430"
      }
    ]
  },
  "id": "VAR-201302-0232",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 1.0
  },
  "last_update_date": "2024-11-28T21:37:14.867000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "HPSBMU02874 SSRT101184",
        "trust": 0.8,
        "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en\u0026cc=us\u0026objectID=c03748879"
      },
      {
        "title": "Oracle Java SE Critical Patch Update Advisory - February 2013",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
      },
      {
        "title": "Text Form of Oracle Java SE Critical Patch Update - February 2013 Risk Matrices",
        "trust": 0.8,
        "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html"
      },
      {
        "title": "RHSA-2013:0236",
        "trust": 0.8,
        "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
      },
      {
        "title": "RHSA-2013:0237",
        "trust": 0.8,
        "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
      },
      {
        "title": "February 2013 Critical Patch Update for Java SE Released",
        "trust": 0.8,
        "url": "https://blogs.oracle.com/security/entry/february_2013_critical_patch_update"
      },
      {
        "title": "Oracle Corporation Java\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u8106\u5f31\u6027\u306b\u95a2\u3059\u308b\u304a\u77e5\u3089\u305b",
        "trust": 0.8,
        "url": "http://www.fmworld.net/biz/common/oracle/20130204.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001398"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-noinfo",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2013-0430"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
      },
      {
        "trust": 2.1,
        "url": "http://www.kb.cert.org/vuls/id/858729"
      },
      {
        "trust": 1.8,
        "url": "http://www.us-cert.gov/cas/techalerts/ta13-032a.html"
      },
      {
        "trust": 1.1,
        "url": "http://rhn.redhat.com/errata/rhsa-2013-0236.html"
      },
      {
        "trust": 1.1,
        "url": "http://rhn.redhat.com/errata/rhsa-2013-0237.html"
      },
      {
        "trust": 1.0,
        "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
      },
      {
        "trust": 1.0,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16600"
      },
      {
        "trust": 1.0,
        "url": "http://www.securityfocus.com/bid/57722"
      },
      {
        "trust": 0.9,
        "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html"
      },
      {
        "trust": 0.8,
        "url": "http://taosecurity.blogspot.com/2012/11/do-devs-care-about-java-insecurity.html?showcomment=1353874245992#c4794680666510382012"
      },
      {
        "trust": 0.8,
        "url": "http://codeascraft.etsy.com/2013/03/18/java-not-even-once/"
      },
      {
        "trust": 0.8,
        "url": "http://blogs.technet.com/b/srd/archive/2013/05/29/java-when-you-cannot-let-go.aspx"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-0430"
      },
      {
        "trust": 0.8,
        "url": "http://www.ipa.go.jp/security/ciadr/vul/20130204-jre.html"
      },
      {
        "trust": 0.8,
        "url": "https://www.jpcert.or.jp/at/2013/at130007.txt"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta13-032a"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-0430"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1541"
      },
      {
        "trust": 0.6,
        "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21650822"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0429"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3342"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0428"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0351"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0430"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0409"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0419"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3213"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0426"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0440"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0423"
      },
      {
        "trust": 0.6,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0425"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0433"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0435"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0438"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0434"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0432"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0427"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0424"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0437"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0431"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650623"
      },
      {
        "trust": 0.3,
        "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03748879"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644918"
      },
      {
        "trust": 0.3,
        "url": "http://www.oracle.com/technetwork/java/index.html"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24033920"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24033922"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24031555"
      },
      {
        "trust": 0.3,
        "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034621"
      },
      {
        "trust": 0.3,
        "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02"
      },
      {
        "trust": 0.3,
        "url": "http://prod.lists.apple.com/archives/security-announce/2013/feb/msg00000.html"
      },
      {
        "trust": 0.3,
        "url": "https://downloads.avaya.com/css/p8/documents/100171276"
      },
      {
        "trust": 0.3,
        "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03748879"
      },
      {
        "trust": 0.3,
        "url": "https://downloads.avaya.com/css/p8/documents/100169783"
      },
      {
        "trust": 0.3,
        "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21628927"
      },
      {
        "trust": 0.3,
        "url": "http://www.xerox.com/download/security/security-bulletin/1683f-4d960e4b16bb2/cert_xrx13-004_v1.01.pdf"
      },
      {
        "trust": 0.3,
        "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00424"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0169"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0436"
      },
      {
        "trust": 0.3,
        "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00422"
      },
      {
        "trust": 0.3,
        "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
      },
      {
        "trust": 0.3,
        "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00426"
      },
      {
        "trust": 0.3,
        "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00420"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4301"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1543"
      },
      {
        "trust": 0.3,
        "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00421"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-4305"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0439"
      },
      {
        "trust": 0.3,
        "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00425"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0442"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0446"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0441"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0443"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0445"
      },
      {
        "trust": 0.2,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00486"
      },
      {
        "trust": 0.2,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00488"
      },
      {
        "trust": 0.2,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00489"
      },
      {
        "trust": 0.2,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00484"
      },
      {
        "trust": 0.2,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00482"
      },
      {
        "trust": 0.2,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00483"
      },
      {
        "trust": 0.2,
        "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00423"
      },
      {
        "trust": 0.2,
        "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_00419"
      },
      {
        "trust": 0.2,
        "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
      },
      {
        "trust": 0.2,
        "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
      },
      {
        "trust": 0.2,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00487"
      },
      {
        "trust": 0.2,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsm_00485"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0450"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1475"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0444"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0430.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0440.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2012-3213.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0427.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-1476.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0433.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-1475.html"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/updates/classification/#critical"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0445.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0432.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0446.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0428.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-1480.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2012-3342.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0425.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0442.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0429.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0450.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0419.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0424.html"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0409.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2012-1541.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-1473.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0423.html"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/knowledge/articles/11258"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0443.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0438.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0435.html"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/team/key/#package"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0434.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-1478.html"
      },
      {
        "trust": 0.2,
        "url": "http://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0351.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0441.html"
      },
      {
        "trust": 0.2,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0426.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1481"
      },
      {
        "trust": 0.1,
        "url": "http://www.ubuntu.com/usn/usn-1724-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.1-2ubuntu0.12.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0448"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.1-2ubuntu0.10.04.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.1-2ubuntu0.11.10.2"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/openjdk-7/7u13-2.3.6-0ubuntu0.12.10.1"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1480"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0449"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1478"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1476"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0503"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0501"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1719"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1533"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/glsa/glsa-201401-30.xml"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0547"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0499"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1532"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0504"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1723"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0507"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-5035"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1717"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0500"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1722"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0502"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1716"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1718"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0497"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1531"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3563"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1711"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1713"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1682"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0498"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1721"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797"
      },
      {
        "trust": 0.1,
        "url": "http://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0505"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2012-0506"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088"
      },
      {
        "trust": 0.1,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089"
      },
      {
        "trust": 0.1,
        "url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
      },
      {
        "trust": 0.1,
        "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-1481.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1473"
      },
      {
        "trust": 0.1,
        "url": "http://support.openview.hp.com/selfsolve/document/fid/documentum_hpsm_0041"
      },
      {
        "trust": 0.1,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsc_00282"
      },
      {
        "trust": 0.1,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsc_00280"
      },
      {
        "trust": 0.1,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsc_00284"
      },
      {
        "trust": 0.1,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsc_00283"
      },
      {
        "trust": 0.1,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsc_00286"
      },
      {
        "trust": 0.1,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsc_00281"
      },
      {
        "trust": 0.1,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsc_00285"
      },
      {
        "trust": 0.1,
        "url": "http://support.openview.hp.com/selfsolve/document/lid/hpsc_00279"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/52064/#comments"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_intelligence/"
      },
      {
        "trust": 0.1,
        "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52064"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/52064/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/vulnerability_scanning/personal/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/blog/325/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-1489.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0431.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0448.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0437.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0444.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-1479.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.redhat.com/security/data/cve/cve-2013-0449.html"
      }
    ],
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#858729"
      },
      {
        "db": "BID",
        "id": "57722"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001398"
      },
      {
        "db": "PACKETSTORM",
        "id": "123874"
      },
      {
        "db": "PACKETSTORM",
        "id": "120334"
      },
      {
        "db": "PACKETSTORM",
        "id": "124943"
      },
      {
        "db": "PACKETSTORM",
        "id": "121464"
      },
      {
        "db": "PACKETSTORM",
        "id": "120030"
      },
      {
        "db": "PACKETSTORM",
        "id": "124431"
      },
      {
        "db": "PACKETSTORM",
        "id": "120009"
      },
      {
        "db": "PACKETSTORM",
        "id": "120031"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0430"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CERT/CC",
        "id": "VU#858729"
      },
      {
        "db": "BID",
        "id": "57722"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2013-001398"
      },
      {
        "db": "PACKETSTORM",
        "id": "123874"
      },
      {
        "db": "PACKETSTORM",
        "id": "120334"
      },
      {
        "db": "PACKETSTORM",
        "id": "124943"
      },
      {
        "db": "PACKETSTORM",
        "id": "121464"
      },
      {
        "db": "PACKETSTORM",
        "id": "120030"
      },
      {
        "db": "PACKETSTORM",
        "id": "124431"
      },
      {
        "db": "PACKETSTORM",
        "id": "120009"
      },
      {
        "db": "PACKETSTORM",
        "id": "120031"
      },
      {
        "db": "NVD",
        "id": "CVE-2013-0430"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-02-01T00:00:00",
        "db": "CERT/CC",
        "id": "VU#858729"
      },
      {
        "date": "2013-02-01T00:00:00",
        "db": "BID",
        "id": "57722"
      },
      {
        "date": "2013-02-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001398"
      },
      {
        "date": "2013-11-01T13:37:00",
        "db": "PACKETSTORM",
        "id": "123874"
      },
      {
        "date": "2013-02-15T05:00:41",
        "db": "PACKETSTORM",
        "id": "120334"
      },
      {
        "date": "2014-01-27T18:30:13",
        "db": "PACKETSTORM",
        "id": "124943"
      },
      {
        "date": "2013-04-30T21:07:53",
        "db": "PACKETSTORM",
        "id": "121464"
      },
      {
        "date": "2013-02-05T01:09:08",
        "db": "PACKETSTORM",
        "id": "120030"
      },
      {
        "date": "2013-12-14T11:11:00",
        "db": "PACKETSTORM",
        "id": "124431"
      },
      {
        "date": "2013-02-04T10:48:27",
        "db": "PACKETSTORM",
        "id": "120009"
      },
      {
        "date": "2013-02-05T01:09:24",
        "db": "PACKETSTORM",
        "id": "120031"
      },
      {
        "date": "2013-02-02T00:55:01.803000",
        "db": "NVD",
        "id": "CVE-2013-0430"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2013-06-14T00:00:00",
        "db": "CERT/CC",
        "id": "VU#858729"
      },
      {
        "date": "2017-08-03T12:09:00",
        "db": "BID",
        "id": "57722"
      },
      {
        "date": "2013-06-14T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2013-001398"
      },
      {
        "date": "2024-11-21T01:47:31.980000",
        "db": "NVD",
        "id": "CVE-2013-0430"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "network",
    "sources": [
      {
        "db": "BID",
        "id": "57722"
      }
    ],
    "trust": 0.3
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Oracle Java contains multiple vulnerabilities",
    "sources": [
      {
        "db": "CERT/CC",
        "id": "VU#858729"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "57722"
      }
    ],
    "trust": 0.3
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.