Vulnerability-Lookup - Search a vulnerability

All the vulnerabilites related to suse - linux_enterprise_java

Vulnerability from fkie_nvd

Published

2012-06-07 22:55

Modified

2025-01-06 19:22

Severity ?

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency. NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions. NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue.

References

URL	Tags
secalert_us@oracle.com	http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx	Third Party Advisory
secalert_us@oracle.com	http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/	Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html	Issue Tracking, Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=133364885411663&w=2	Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=133364885411663&w=2	Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=133365109612558&w=2	Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=133365109612558&w=2	Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=133847939902305&w=2	Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=133847939902305&w=2	Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=134254866602253&w=2	Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2012-0508.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2012-0514.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
secalert_us@oracle.com	http://secunia.com/advisories/48589	Not Applicable
secalert_us@oracle.com	http://secunia.com/advisories/48692	Not Applicable
secalert_us@oracle.com	http://secunia.com/advisories/48915	Not Applicable
secalert_us@oracle.com	http://secunia.com/advisories/48948	Not Applicable
secalert_us@oracle.com	http://secunia.com/advisories/48950	Not Applicable
secalert_us@oracle.com	http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3	Exploit
secalert_us@oracle.com	http://www.debian.org/security/2012/dsa-2420	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html	Vendor Advisory
secalert_us@oracle.com	http://www.securityfocus.com/bid/52161	Exploit, Third Party Advisory, VDB Entry
secalert_us@oracle.com	https://bugzilla.redhat.com/show_bug.cgi?id=788994	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html	Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=133364885411663&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=133364885411663&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=133365109612558&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=133365109612558&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=133847939902305&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=133847939902305&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=134254866602253&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-0508.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-0514.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48589	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48692	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48915	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48948	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48950	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2012/dsa-2420	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/52161	Exploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=788994	Issue Tracking

Impacted products

Vendor	Product	Version
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
debian	debian_linux	6.0
debian	debian_linux	7.0
suse	linux_enterprise_desktop	10
suse	linux_enterprise_java	10
suse	linux_enterprise_java	11
suse	linux_enterprise_server	10
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_software_development_kit	11
suse	linux_enterprise_software_development_kit	11

JSON

To clipboard

{
  "cisaActionDue": "2022-03-24",
  "cisaExploitAdd": "2022-03-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "5F0AD0F9-E797-4E16-95F3-C1AFDA557D78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
              "matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
              "matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
              "matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
              "matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
              "matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
              "matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
              "matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
              "matchCriteriaId": "B7FC11BE-8CF7-4D45-BB4A-3EFA1DDBB10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
              "matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
              "matchCriteriaId": "4C061911-FB19-45EB-8E88-7450224F4023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
              "matchCriteriaId": "0E8009BC-F5A8-4D00-9F5F-8635475C6065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
              "matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
              "matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
              "matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
              "matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "9AF0780E-830E-4971-8F79-8FCF5D2EBC20",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
              "matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
              "matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
              "matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
              "matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
              "matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
              "matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*",
              "matchCriteriaId": "7158D2C0-E9AC-4CD6-B777-EA7B7A181997",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
              "matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
              "matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "DFAA351A-93CD-46A8-A480-CE2783CCD620",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "036E8A89-7A16-411F-9D31-676313BB7244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*",
              "matchCriteriaId": "4339DE06-19FB-4B8E-B6AE-3495F605AD05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "3CF5C5B9-2CB9-4CD8-B94F-A674ED909CC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:11:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "6C92E342-B485-49E3-BC3A-4397D3CA8453",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
              "matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:-:*:*",
              "matchCriteriaId": "A44C3422-0D42-473E-ABB4-279D7494EE2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:vmware:*:*",
              "matchCriteriaId": "A6B7CDCA-6F39-4113-B5D3-3AA9D7F3D809",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*",
              "matchCriteriaId": "88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "E8C91701-DF37-4F7B-AB9A-B1BFDB4991F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5AA37837-3083-4DC7-94F4-54FD5D7CB53C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency.  NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions.  NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad no especificada en el componente Java Runtime Environment (JRE), de Oracle Java SE v7 Update 2 y versiones anteriores, v6 Update 30 y anteriores, y v5.0 Update 33 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con la \"Concurrencia\". NOTA: La informaci\u00f3n anterior se obtuvo de la Oracle CPU de Febrero de 2012. Oracle no se ha pronunciado sobre las reclamaciones de un vendedor y de los investigadores de que este problema se produce porque la implementaci\u00f3n de la clase AtomicReferenceArray no garantiza que la matriz es de tipo Object[], lo que permite a atacantes provocar una denegaci\u00f3n de servicio (bloqueo de la m\u00e1quina virtual Java) o eludir restricciones del entorno limitado de Java. NOTA: Este problema fue asignado originalmente al CVE-2011-3571, pero ese identificador ya ha sido asignado a un tema diferente."
    }
  ],
  "id": "CVE-2012-0507",
  "lastModified": "2025-01-06T19:22:01.253",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-06-07T22:55:17.883",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0514.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/48589"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/48692"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/48915"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/48948"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/48950"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Exploit"
      ],
      "url": "http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2012/dsa-2420"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/52161"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=788994"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0514.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/48589"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/48692"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/48915"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/48948"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/48950"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2012/dsa-2420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/52161"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=788994"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2012-06-16 21:55

Modified

2024-11-21 01:37

Severity ?

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux.

References

URL	Tags
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2012-0734.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2012-1243.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
secalert_us@oracle.com	http://secunia.com/advisories/50659	Broken Link
secalert_us@oracle.com	http://secunia.com/advisories/51080	Broken Link
secalert_us@oracle.com	http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
secalert_us@oracle.com	http://www.ibm.com/support/docview.wss?uid=swg21615246	Broken Link
secalert_us@oracle.com	http://www.mandriva.com/security/advisories?name=MDVSA-2012:095	Broken Link
secalert_us@oracle.com	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Broken Link
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.securityfocus.com/bid/53952	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-0734.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1243.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/50659	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/51080	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21615246	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2012:095	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/53952	Broken Link, Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
oracle	jre	*
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
linux	linux_kernel	-
sun	sunos	-
oracle	jdk	*
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.5.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
linux	linux_kernel	-
sun	sunos	-
redhat	icedtea6	*
redhat	icedtea6	*
redhat	satellite_with_embedded_oracle	5.5
redhat	enterprise_linux_desktop	5.0
redhat	enterprise_linux_desktop	6.0
redhat	enterprise_linux_eus	6.2
redhat	enterprise_linux_for_ibm_z_systems	5.0
redhat	enterprise_linux_for_power_big_endian	5.0
redhat	enterprise_linux_for_scientific_computing	6.0
redhat	enterprise_linux_server	5.0
redhat	enterprise_linux_server	6.0
redhat	enterprise_linux_server_aus	6.2
redhat	enterprise_linux_server_from_rhui	6.0
redhat	enterprise_linux_workstation	5.0
redhat	enterprise_linux_workstation	6.0
suse	linux_enterprise_desktop	10
suse	linux_enterprise_java	10
suse	linux_enterprise_java	11
suse	linux_enterprise_server	10
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_software_development_kit	11

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4728C6F-BE60-4805-8D45-FB61DD307CF1",
              "versionEndIncluding": "1.4.2_37",
              "versionStartIncluding": "1.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "D8730889-A618-4CF9-888C-BF95802DD00F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "94F2C368-5881-40AB-8B08-BF959E724950",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "2D33EDF0-548B-457F-908B-C3795945FC37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "7B1BA97C-51C0-4EA2-B514-84503E1B42CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update12:*:*:*:*:*:*",
              "matchCriteriaId": "30F69268-F35B-411F-90C6-11A5EFF00DE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "E137594B-9FFE-4081-933F-F825E3A3F362",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update14:*:*:*:*:*:*",
              "matchCriteriaId": "5DCC0622-5D7E-4D2D-84ED-FD985B2B0C58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "26AF05CC-DF6C-40EE-88A6-71C85EE7C4F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update16:*:*:*:*:*:*",
              "matchCriteriaId": "79674E2C-B6E8-40DE-821D-291FD312C3A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "83E72AE8-C2EB-4C4A-80D0-7C5AA0BD2C48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update18:*:*:*:*:*:*",
              "matchCriteriaId": "FC107766-8EF4-4A63-AC1F-DBFAD33E349D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update19:*:*:*:*:*:*",
              "matchCriteriaId": "BAA97E64-FFAA-4C4E-B3B1-72D9B968161E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "5CEBD756-DAA9-4613-9ECA-943EB162BAF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update20:*:*:*:*:*:*",
              "matchCriteriaId": "508CB5E0-5A93-4890-B822-10F29631B280",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "A7C6D544-04A1-4B09-8AC9-DEBEAAB1E903",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "08F6C2F3-2DB1-4B71-82D7-11233ADD1376",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "708418EA-CFB6-4AFC-9327-E974F99E7323",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "159846BB-6BC2-4A6F-B9B7-5D95D70B966F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "ABD71288-227D-4FA6-9E07-FFA9EBAF3452",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "5B02C330-01CB-41FB-A503-A6A9BB24FDA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update27:*:*:*:*:*:*",
              "matchCriteriaId": "CF46C0A1-67A1-421A-961A-5C19E20D075F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update28:*:*:*:*:*:*",
              "matchCriteriaId": "CF3B6C14-A29B-4B55-82A9-51A2CC108063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update29:*:*:*:*:*:*",
              "matchCriteriaId": "3E77C2EE-EB7D-40D8-BF74-F6CEB8DCE610",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "5798AD7E-81A9-456B-8109-46F5CF910C63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update30:*:*:*:*:*:*",
              "matchCriteriaId": "3FE9142C-E34A-4390-B9DF-4689A45E67BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update31:*:*:*:*:*:*",
              "matchCriteriaId": "54D82C69-8F1E-4666-B0F3-25540F840170",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update32:*:*:*:*:*:*",
              "matchCriteriaId": "27EE5902-38E6-4977-A66A-FE2CCE27EAAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update33:*:*:*:*:*:*",
              "matchCriteriaId": "97905F32-901A-4AE0-8E16-7CA44BC5988C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update34:*:*:*:*:*:*",
              "matchCriteriaId": "7109AD44-F277-41A6-B765-EE053B4F32C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update35:*:*:*:*:*:*",
              "matchCriteriaId": "1AC184EB-A85D-47A0-8C21-FD05B0C46079",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "88114C4E-0267-47C2-A7FC-D38BEFC3AF5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "055CA491-F4F1-4110-824F-23ED1494543F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "5687B90D-55D3-4115-8266-4B935108C237",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "6CA9E211-120C-4CAE-8A25-709D015124F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update8:*:*:*:*:*:*",
              "matchCriteriaId": "FEE709FD-88F8-484D-9D13-216D79F5DDC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "15D32F92-E8CF-4EA8-AA31-5F406AAB455B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "EB864346-1429-46B5-A91E-A1126C486421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F199B346-B95E-4DCA-B750-148A36D559BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "D16229B8-1642-4C10-8650-A9CEA9D4C98C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "1714BDEF-6B0E-42BB-9510-3F9B52E170BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update12:*:*:*:*:*:*",
              "matchCriteriaId": "830A3A51-F17A-4C61-8F5C-6A4582A64DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "9DE0E496-719D-4CEF-837F-B060A898099F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update14:*:*:*:*:*:*",
              "matchCriteriaId": "3B02F361-0C64-4CB8-8DAD-A63F1A9CC025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "FD4CC3E2-7BEA-4D8C-811C-C5012327A9AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update16:*:*:*:*:*:*",
              "matchCriteriaId": "9F63A8AC-893D-4D75-B467-85E70B62541D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "D7823AE6-CB18-47DE-8A4F-1F98394B7237",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update18:*:*:*:*:*:*",
              "matchCriteriaId": "381EFA43-DB73-48EA-A4B1-F451EF60D845",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update19:*:*:*:*:*:*",
              "matchCriteriaId": "77C54E00-0197-4C87-9BFF-01A099AC3006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "64AD6007-EB92-4D0E-A0CB-8FFDDB61AA6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update20:*:*:*:*:*:*",
              "matchCriteriaId": "7415177F-A2FE-47AB-8D92-194A4F6D75C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "52FA600C-08B6-4143-9C72-DB31E489DE3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
              "matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
              "matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2752B83A-6DD2-4829-9E4F-42CDDCBC38C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
              "matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
              "matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
              "matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "964CCFD6-316A-48C6-9A6B-7CFD1A1FB027",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "DC8771D7-9531-4A1D-B2DE-FAA7A7549801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "6C59C275-5964-4E5D-BE80-BA4EA34BEA62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "47C1922B-37E8-4009-97C7-B243F6F96704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update8:*:*:*:*:*:*",
              "matchCriteriaId": "68957C57-EC74-4896-B97D-E936DC6AD31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "6B3A8681-3EAC-4D02-811A-5FCCCC7B5635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "DFAA351A-93CD-46A8-A480-CE2783CCD620",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "791A11F4-2F3A-4D83-B450-2BC7209DEE80",
              "versionEndIncluding": "1.4.2_37",
              "versionStartIncluding": "1.4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "711BCDB5-83BC-4DBA-8097-2CD33617FD19",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B5F20B3E-781F-4DC1-B939-B0EAFC515F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "BEB37E93-38EB-4AEE-A3DD-D2097C0D6852",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "59DED85A-153E-40B1-9ABA-D405204E464E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update12:*:*:*:*:*:*",
              "matchCriteriaId": "168E67FC-32BC-4DAE-B49C-840FD721D7AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "83A2B4A2-ED27-4C12-871B-C0F78C3478FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update14:*:*:*:*:*:*",
              "matchCriteriaId": "9E8A5D2D-B620-449B-B599-51F5C9FC658C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "9A39B469-5041-4715-B6AC-36D8777677EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update16:*:*:*:*:*:*",
              "matchCriteriaId": "F49DBD1F-D3F5-400B-AE2E-BC87B05A5051",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "8E605982-97A2-4E5E-847E-2BB8AD77910C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update18:*:*:*:*:*:*",
              "matchCriteriaId": "848299EC-DE52-4511-BF53-C83022935964",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update19:*:*:*:*:*:*",
              "matchCriteriaId": "CD5BD598-ADBC-42EE-BF81-049D89CCA426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "64AC19E5-A20C-4D51-B465-ABCDBADF550A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update20:*:*:*:*:*:*",
              "matchCriteriaId": "4855E669-C465-4167-89CE-EA693C70A051",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "9D970942-F8B4-445B-8167-955C489DA85B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "9EE4A1F0-FDAD-4BC7-8541-0CA928E51731",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "542B79DC-8BC8-4E93-ADC0-50BAF5FFB3D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "5E537391-BC5D-4923-9122-27624371BF22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "2D8E305C-BB6A-4705-ADED-73B3159A338C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "CC65A3CD-F682-4788-B42C-77BBBDBAEB34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update27:*:*:*:*:*:*",
              "matchCriteriaId": "E67D9262-1F65-44D0-B6E6-68D405CEA5C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update28:*:*:*:*:*:*",
              "matchCriteriaId": "774509D5-9C66-446B-9050-F8CE6C6EDB70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update29:*:*:*:*:*:*",
              "matchCriteriaId": "1A85BCBA-61AF-455A-A5E0-312E4D1308C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "A2CCCA1A-F0A1-4511-AF84-326DF406C0DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update30:*:*:*:*:*:*",
              "matchCriteriaId": "DD21F014-7CFF-490E-9D39-048703915552",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update31:*:*:*:*:*:*",
              "matchCriteriaId": "C00F4FBC-E6A3-40DC-AEA9-26F34F90A86D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update32:*:*:*:*:*:*",
              "matchCriteriaId": "EBF147E8-5BB0-4472-8213-18D8BFE1E2CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update33:*:*:*:*:*:*",
              "matchCriteriaId": "7FAF6EAE-8974-488F-87A3-86AF9D4455B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update34:*:*:*:*:*:*",
              "matchCriteriaId": "B19E5AB2-FB4A-4D42-9A43-6A1C4829B4E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update35:*:*:*:*:*:*",
              "matchCriteriaId": "40119D8A-8D51-4AD7-AC83-A735CF86F9D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "81B0BEF9-25FD-48F7-83BC-BEA31BC3A1BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "4E6D8590-0A99-43E0-9256-9572112F9C8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "5F2A0870-A4D3-481B-8A37-A4DC282B0DE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "20171515-B5A5-44D2-B7F7-21EDDE39989E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update8:*:*:*:*:*:*",
              "matchCriteriaId": "F734AF76-4CEE-4F9D-AD6A-6BECF1F977CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "985B45F6-C285-4061-A656-A4C1A1FE59D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "4A420DA5-1346-446B-8D23-E1E6DDBE527E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B8CA8719-7ABE-4279-B49E-C414794A4FE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "DC92B7EC-849F-4255-9D55-43681B8DADC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "2ABC1045-7D3D-4A14-B994-7E60A4BB4C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*",
              "matchCriteriaId": "1F3C1E65-929A-4468-8584-F086E6E59839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "42C95C1D-0C2E-4733-AB1B-65650D88995D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*",
              "matchCriteriaId": "47A9F499-D1E3-41BD-AC18-E8D3D3231C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "D45B0D7E-BA0F-4AAA-A7BA-2ADA4CC90D94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update16:*:*:*:*:*:*",
              "matchCriteriaId": "D58A3E4F-2409-440A-891E-0B84D79AB480",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "3FC2226B-CFEF-48A4-83EA-1F59F4AF7528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update18:*:*:*:*:*:*",
              "matchCriteriaId": "F29DC78F-4D02-47B4-A955-32080B22356C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update19:*:*:*:*:*:*",
              "matchCriteriaId": "81A4204E-6F50-45FB-A343-7A30C0CD6D3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D6E07069-D6EE-4D44-94A6-CDCA4A50E6F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update20:*:*:*:*:*:*",
              "matchCriteriaId": "4B151882-47C0-400E-BBAB-A949E6140C86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "6DB4F19E-DFC4-42F4-87B9-32FB1C496649",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*",
              "matchCriteriaId": "1824DA2D-26D5-4595-8376-8E41AB8C5E52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*",
              "matchCriteriaId": "B72F78B7-10D1-49CF-AC4D-3B10921CB633",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "344FA3EA-9E25-493C-976A-211D1404B251",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*",
              "matchCriteriaId": "60D05860-9424-4727-B583-74A35BC9BDFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*",
              "matchCriteriaId": "F85DB431-FEA4-42E7-AC29-6B66174DCD9E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*",
              "matchCriteriaId": "FB7E911C-C780-440A-ABFF-CCE09061BB4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "D081A380-5AA4-4451-94A9-7B65810106E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "112E7575-A3A0-4A94-AD39-7B2325B150B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "708E8CEF-82EE-4D4B-ABF9-87AA4878F517",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "D5D9D9A7-8819-44A4-80AC-52D6B63A0C9B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update8:*:*:*:*:*:*",
              "matchCriteriaId": "FEB2C8A3-E0DC-46A3-BD82-8E45DA55ED0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "64B5B16D-061A-438D-A8CF-9E63D6C748D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "ACABC935-5DD6-4F85-992E-70AD517EF41D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:sun:sunos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "369207B4-96FA-4324-9445-98FAE8ECF5DB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:icedtea6:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ABD07623-B997-479C-B8C8-DEF899104BD5",
              "versionEndExcluding": "1.10.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:icedtea6:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6C469B3-C1E7-4E5D-AD16-2CA8981CB589",
              "versionEndExcluding": "1.11.3",
              "versionStartIncluding": "1.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "46E05B39-84D0-4208-A299-2B6B999FA482",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0554C89-3716-49F3-BFAE-E008D5E4E29C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF0F7F83-8723-4FFC-BC7C-90C12F1F41E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B94E436-BECD-4AA9-82A3-C9CC48C875F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "634C23AC-AC9C-43F4-BED8-1C720816D5E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AD6D0378-F0F4-4AAA-80AF-8287C790EC96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_from_rhui:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AE981D4-0CA1-46FA-8E91-E1A4D5B31383",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*",
              "matchCriteriaId": "4339DE06-19FB-4B8E-B6AE-3495F605AD05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "3CF5C5B9-2CB9-4CD8-B94F-A674ED909CC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:11:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "252CF7A7-3FEB-4503-AEE8-B67139C5B0D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
              "matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*",
              "matchCriteriaId": "88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*",
              "matchCriteriaId": "DB4D6749-81A1-41D7-BF4F-1C45A7F49A22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5AA37837-3083-4DC7-94F4-54FD5D7CB53C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el Java Runtime Environment (JRE), componente de Oracle Java SE 7 Update 4 y anteriores, 6 Update 32 y anteriores, 5 actualizaci\u00f3n 35 y anteriores, y v1.4.2_37 y anteriores permite a usuarios locales afectar la confidencialidad a trav\u00e9s de vectores desconocidos relacionados con el la impresi\u00f3n en Solaris o Linux."
    }
  ],
  "evaluatorImpact": "Per: http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html\n\n\u0027Applies to printing on the Solaris and Linux platforms. This vulnerability cannot be exploited through untrusted Java Web Start applications or untrusted Java applets. It also cannot be exploited by supplying data to APIs in the specified Component without using untrusted Java Web Start applications or untrusted Java applets, such as through a web service.\u0027",
  "id": "CVE-2012-1717",
  "lastModified": "2024-11-21T01:37:31.870",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-06-16T21:55:03.250",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0734.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1243.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/50659"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/51080"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:095"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/53952"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-0734.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1243.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/50659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/51080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:095"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/53952"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2011-10-19 21:55

Modified

2025-01-06 19:22

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting.

References

URL	Tags
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=132750579901589&w=2	Mailing List
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=132750579901589&w=2	Mailing List
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=134254866602253&w=2	Mailing List
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Mailing List
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Mailing List
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
secalert_us@oracle.com	http://secunia.com/advisories/48308	Broken Link
secalert_us@oracle.com	http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
secalert_us@oracle.com	http://www.ibm.com/developerworks/java/jdk/alerts/	Product
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.redhat.com/support/errata/RHSA-2011-1384.html	Broken Link
secalert_us@oracle.com	http://www.securityfocus.com/bid/50218	Broken Link, Third Party Advisory, VDB Entry
secalert_us@oracle.com	http://www.securitytracker.com/id?1026215	Broken Link, Third Party Advisory, VDB Entry
secalert_us@oracle.com	http://www.ubuntu.com/usn/USN-1263-1	Third Party Advisory
secalert_us@oracle.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/70849	Third Party Advisory, VDB Entry
secalert_us@oracle.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=132750579901589&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=132750579901589&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=134254866602253&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=134254957702612&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/48308	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/developerworks/java/jdk/alerts/	Product
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2011-1384.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/50218	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1026215	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1263-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/70849	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947	Broken Link

Impacted products

Vendor	Product	Version
oracle	jdk	*
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.6.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jdk	1.7.0
oracle	jre	*
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	10.10
canonical	ubuntu_linux	11.04
canonical	ubuntu_linux	11.10
redhat	satellite_with_embedded_oracle	5.4
suse	linux_enterprise_java	10
suse	linux_enterprise_server	10

JSON

To clipboard

{
  "cisaActionDue": "2022-03-24",
  "cisaExploitAdd": "2022-03-03",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Oracle Java SE Runtime Environment (JRE) Arbitrary Code Execution Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD1AF818-452D-46FE-BD02-05E2E94DDE30",
              "versionEndExcluding": "1.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "4A420DA5-1346-446B-8D23-E1E6DDBE527E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "B8CA8719-7ABE-4279-B49E-C414794A4FE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "DC92B7EC-849F-4255-9D55-43681B8DADC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "2ABC1045-7D3D-4A14-B994-7E60A4BB4C9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update12:*:*:*:*:*:*",
              "matchCriteriaId": "1F3C1E65-929A-4468-8584-F086E6E59839",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "42C95C1D-0C2E-4733-AB1B-65650D88995D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update14:*:*:*:*:*:*",
              "matchCriteriaId": "47A9F499-D1E3-41BD-AC18-E8D3D3231C12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "D45B0D7E-BA0F-4AAA-A7BA-2ADA4CC90D94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update16:*:*:*:*:*:*",
              "matchCriteriaId": "D58A3E4F-2409-440A-891E-0B84D79AB480",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "3FC2226B-CFEF-48A4-83EA-1F59F4AF7528",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update18:*:*:*:*:*:*",
              "matchCriteriaId": "F29DC78F-4D02-47B4-A955-32080B22356C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update19:*:*:*:*:*:*",
              "matchCriteriaId": "81A4204E-6F50-45FB-A343-7A30C0CD6D3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D6E07069-D6EE-4D44-94A6-CDCA4A50E6F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update20:*:*:*:*:*:*",
              "matchCriteriaId": "4B151882-47C0-400E-BBAB-A949E6140C86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "6DB4F19E-DFC4-42F4-87B9-32FB1C496649",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "301E96A3-AD2F-48F3-9166-571BD6F9FAE3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "6C9215D9-DB64-4CEE-85E6-E247035EFB09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "352509FE-54D9-4A59-98B7-96E5E98BC2CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "C3EC13D3-4CE7-459C-A7D7-7D38C1284720",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "8CDCD1B4-C5F3-4188-B05F-23922F7DE517",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "ACABC935-5DD6-4F85-992E-70AD517EF41D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7_b32:*:*:*:*:*:*",
              "matchCriteriaId": "270DE3F5-C51F-4E62-B532-7773BCF8CC7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9_b31:*:*:*:*:*:*",
              "matchCriteriaId": "5ED1BA76-BCA4-483F-B238-39FA792984BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9_b32:*:*:*:*:*:*",
              "matchCriteriaId": "D450D249-DD3B-435F-B006-C44A215A3DC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD9FCDEB-2854-42FF-8BF4-A50890B3F08F",
              "versionEndExcluding": "1.6.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "EB864346-1429-46B5-A91E-A1126C486421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F199B346-B95E-4DCA-B750-148A36D559BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "1714BDEF-6B0E-42BB-9510-3F9B52E170BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update12:*:*:*:*:*:*",
              "matchCriteriaId": "830A3A51-F17A-4C61-8F5C-6A4582A64DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "9DE0E496-719D-4CEF-837F-B060A898099F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update14:*:*:*:*:*:*",
              "matchCriteriaId": "3B02F361-0C64-4CB8-8DAD-A63F1A9CC025",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "FD4CC3E2-7BEA-4D8C-811C-C5012327A9AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update16:*:*:*:*:*:*",
              "matchCriteriaId": "9F63A8AC-893D-4D75-B467-85E70B62541D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "D7823AE6-CB18-47DE-8A4F-1F98394B7237",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update18:*:*:*:*:*:*",
              "matchCriteriaId": "381EFA43-DB73-48EA-A4B1-F451EF60D845",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update19:*:*:*:*:*:*",
              "matchCriteriaId": "77C54E00-0197-4C87-9BFF-01A099AC3006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "64AD6007-EB92-4D0E-A0CB-8FFDDB61AA6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update20:*:*:*:*:*:*",
              "matchCriteriaId": "7415177F-A2FE-47AB-8D92-194A4F6D75C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "52FA600C-08B6-4143-9C72-DB31E489DE3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "2752B83A-6DD2-4829-9E4F-42CDDCBC38C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "964CCFD6-316A-48C6-9A6B-7CFD1A1FB027",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "DC8771D7-9531-4A1D-B2DE-FAA7A7549801",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "6C59C275-5964-4E5D-BE80-BA4EA34BEA62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "47C1922B-37E8-4009-97C7-B243F6F96704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update8:*:*:*:*:*:*",
              "matchCriteriaId": "68957C57-EC74-4896-B97D-E936DC6AD31C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "6B3A8681-3EAC-4D02-811A-5FCCCC7B5635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "DFAA351A-93CD-46A8-A480-CE2783CCD620",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10_b31:*:*:*:*:*:*",
              "matchCriteriaId": "61B7A9E2-14BE-40E3-AF51-1BA6FC612170",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17_b31:*:*:*:*:*:*",
              "matchCriteriaId": "B0228195-41B4-4145-B8A4-7B974456ABA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17_b32:*:*:*:*:*:*",
              "matchCriteriaId": "44F8FB6D-3602-4263-9814-CCB64B8D1926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21_b31:*:*:*:*:*:*",
              "matchCriteriaId": "2D3257E5-17DB-4E02-9A8E-DD0E4D4339DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b33:*:*:*:*:*:*",
              "matchCriteriaId": "3391456D-86B0-457B-83BB-4C74DA0ED634",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b34:*:*:*:*:*:*",
              "matchCriteriaId": "AA88EAC0-FD2D-4B38-8944-D4B6C3BD6FE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b35:*:*:*:*:*:*",
              "matchCriteriaId": "C12DF03E-6E61-41DF-A283-D16AB356B6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7_b32:*:*:*:*:*:*",
              "matchCriteriaId": "CD27AF64-5AA9-40F0-9308-2B4196FE7653",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "87614B58-24AB-49FB-9C84-E8DDBA16353B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF49D26F-142E-468B-87C1-BABEA445255C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4174F4F-149E-41A6-BBCC-D01114C05F38",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:satellite_with_embedded_oracle:5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2A12684-8CB8-49A6-8E06-1E1AE5B43E87",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "3CF5C5B9-2CB9-4CD8-B94F-A674ED909CC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
              "matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente de Java Runtime Environment en Oracle Java SE JDK y JRE v7 y v6 Update 27 y anteriores permite a aplicaciones remotas Java Web Start y applets Java no confiables afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con secuencias de comandos."
    }
  ],
  "id": "CVE-2011-3544",
  "lastModified": "2025-01-06T19:22:15.533",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2011-10-19T21:55:01.097",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/48308"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Product"
      ],
      "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/50218"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1026215"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1263-1"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://secunia.com/advisories/48308"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/50218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1026215"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1263-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-07-23 11:03

Modified

2024-11-21 01:54

Severity ?

Summary

XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.

References

URL	Tags
psirt@us.ibm.com	http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html	Broken Link, Mailing List
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html	Third Party Advisory
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html	Third Party Advisory
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html	Third Party Advisory
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html	Third Party Advisory
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html	Third Party Advisory
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html	Third Party Advisory
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html	Third Party Advisory
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html	Third Party Advisory
psirt@us.ibm.com	http://marc.info/?l=bugtraq&m=138674031212883&w=2	Issue Tracking, Mailing List, Third Party Advisory
psirt@us.ibm.com	http://marc.info/?l=bugtraq&m=138674073720143&w=2	Issue Tracking, Mailing List, Third Party Advisory
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1059.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1060.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1081.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1440.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1447.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1451.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2013-1505.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2014-1818.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2014-1821.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2014-1822.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2014-1823.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2015-0675.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2015-0720.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2015-0765.html	Broken Link
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2015-0773.html	Broken Link
psirt@us.ibm.com	http://secunia.com/advisories/56257	Third Party Advisory
psirt@us.ibm.com	http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
psirt@us.ibm.com	http://support.apple.com/kb/HT5982	Third Party Advisory
psirt@us.ibm.com	http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250&r2=1499506&view=patch	Patch, Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21644197	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21653371	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21657539	Vendor Advisory
psirt@us.ibm.com	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html	Third Party Advisory
psirt@us.ibm.com	http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002	Vendor Advisory
psirt@us.ibm.com	http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013	Vendor Advisory
psirt@us.ibm.com	http://www.ibm.com/support/docview.wss?uid=swg21648172	Broken Link
psirt@us.ibm.com	http://www.securityfocus.com/bid/61310	Third Party Advisory, VDB Entry
psirt@us.ibm.com	http://www.ubuntu.com/usn/USN-2033-1	Third Party Advisory
psirt@us.ibm.com	http://www.ubuntu.com/usn/USN-2089-1	Third Party Advisory
psirt@us.ibm.com	https://access.redhat.com/errata/RHSA-2014:0414	Third Party Advisory
psirt@us.ibm.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/85260	VDB Entry, Vendor Advisory
psirt@us.ibm.com	https://issues.apache.org/jira/browse/XERCESJ-1679	Issue Tracking, Vendor Advisory
psirt@us.ibm.com	https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E
psirt@us.ibm.com	https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
psirt@us.ibm.com	https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
psirt@us.ibm.com	https://www.oracle.com/security-alerts/cpuapr2022.html
psirt@us.ibm.com	https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html	Broken Link, Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=138674031212883&w=2	Issue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=138674073720143&w=2	Issue Tracking, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1059.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1060.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1081.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1440.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1447.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1451.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1505.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1818.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1821.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1822.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1823.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-0675.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-0720.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-0765.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-0773.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/56257	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://support.apple.com/kb/HT5982	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250&r2=1499506&view=patch	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21644197	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21653371	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21657539	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ibm.com/support/docview.wss?uid=swg21648172	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/61310	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2033-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-2089-1	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2014:0414	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/85260	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://issues.apache.org/jira/browse/XERCESJ-1679	Issue Tracking, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/security-alerts/cpuapr2022.html
af854a3a-2127-422b-91ae-364da2661108	https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html	Third Party Advisory

Impacted products

Vendor	Product	Version
ibm	java	5.0.0.0
ibm	java	5.0.11.0
ibm	java	5.0.11.1
ibm	java	5.0.11.2
ibm	java	5.0.12.0
ibm	java	5.0.12.1
ibm	java	5.0.12.2
ibm	java	5.0.12.3
ibm	java	5.0.12.4
ibm	java	5.0.12.5
ibm	java	5.0.13.0
ibm	java	5.0.14.0
ibm	java	5.0.15.0
ibm	java	5.0.16.0
ibm	java	5.0.16.1
ibm	java	5.0.16.2
ibm	java	6.0.0.0
ibm	java	6.0.1.0
ibm	java	6.0.2.0
ibm	java	6.0.3.0
ibm	java	6.0.4.0
ibm	java	6.0.5.0
ibm	java	6.0.6.0
ibm	java	6.0.7.0
ibm	java	6.0.8.0
ibm	java	6.0.8.1
ibm	java	6.0.9.0
ibm	java	6.0.9.1
ibm	java	6.0.9.2
ibm	java	6.0.10.0
ibm	java	6.0.10.1
ibm	java	6.0.11.0
ibm	java	6.0.12.0
ibm	java	6.0.13.0
ibm	java	6.0.13.1
ibm	java	6.0.13.2
ibm	java	7.0.0.0
ibm	java	7.0.1.0
ibm	java	7.0.2.0
ibm	java	7.0.3.0
ibm	java	7.0.4.0
ibm	java	7.0.4.1
ibm	java	7.0.4.2
oracle	jdk	1.5.0
oracle	jdk	1.6.0
oracle	jdk	1.7.0
oracle	jre	1.5.0
oracle	jre	1.6.0
oracle	jre	1.7.0
oracle	jrockit	*
oracle	jrockit	*
ibm	sterling_b2b_integrator	5.2.4
ibm	host_on-demand	11.0
ibm	host_on-demand	11.0.1
ibm	host_on-demand	11.0.2
ibm	host_on-demand	11.0.3
ibm	host_on-demand	11.0.4
ibm	host_on-demand	11.0.5
ibm	host_on-demand	11.0.5.1
ibm	host_on-demand	11.0.6
ibm	host_on-demand	11.0.6.1
ibm	host_on-demand	11.0.7
ibm	host_on-demand	11.0.8
microsoft	windows	-
ibm	tivoli_application_dependency_discovery_manager	7.2.2
ibm	aix	-
linux	linux_kernel	-
microsoft	windows	-
oracle	solaris	-
ibm	sterling_b2b_integrator	5.1
ibm	sterling_b2b_integrator	5.2
ibm	sterling_file_gateway	2.1
ibm	sterling_file_gateway	2.2
hp	hp-ux	-
ibm	aix	-
ibm	i	-
linux	linux_kernel	-
microsoft	windows	-
oracle	solaris	-
opensuse	opensuse	12.2
opensuse	opensuse	12.3
suse	linux_enterprise_desktop	10
suse	linux_enterprise_desktop	11
suse	linux_enterprise_java	10
suse	linux_enterprise_java	11
suse	linux_enterprise_java	11
suse	linux_enterprise_sdk	11
suse	linux_enterprise_sdk	11
suse	linux_enterprise_server	9
suse	linux_enterprise_server	10
suse	linux_enterprise_server	10
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
canonical	ubuntu_linux	10.04
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	12.10
canonical	ubuntu_linux	13.04
canonical	ubuntu_linux	13.10
apache	xerces2_java	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18121C3-F3F1-4EC7-A64E-3F6A0C9788C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAD59912-7325-4AE1-ACCF-D4F804AF3947",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "62783157-E3B6-4A23-8D2F-1FBD0762E9A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14CC0D53-8AB8-4D44-82BB-0E6A974C36AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91A3129F-17A6-4F32-BD5D-34E4A1D1A840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2845FF4-2620-4B8D-96CF-CC26B3DEA3C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC7CD279-54B6-4F6B-AE14-299FB319C690",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EA269CA-4676-4008-89EF-20FAB89886A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D22105B6-1378-4E1C-B28A-FCAE00A2D5CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "601762D3-1188-4945-931D-EB8DAC2847A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA4A30A6-498C-46B8-8EFC-45EB13354EAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "414CC00A-C797-4C34-8709-75DC061DCDE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4401B967-0550-44F1-8753-9632120D2A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4961693D-F56C-46CD-B721-6A15E2837C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA4FBB66-CF6A-42D2-B122-1861F4139E75",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C58BBA-06AC-40CD-A906-FD1B3B0AAB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C5B430-EE11-4674-B4B0-895D66E3B32F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1837D84-6B4F-40D8-9A3F-71C328F659BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D20A369B-2168-4883-A84C-BB48A71AFB33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3628AAB4-E524-46E5-AAF4-1980256F13CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "30DC9FE3-CDE9-4F83-989B-4E431BA18B56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C17B1C6B-04CE-49FB-B9BD-98ECD626B26F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F529EB-2BCA-4E3E-93E4-2A9880CDA367",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DEAC3D6-F9F8-4F82-9BF1-FF0EC07A3274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7694638C-CDAC-44DF-B9F9-F7237CD98017",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "23903A3C-1760-4836-BAE6-BDD32CBB4CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2477E033-D26B-4D71-839B-5FE4B0927559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1CAB7BF-265E-411D-A584-E78DE171F065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E45F670-232F-4CE5-8926-6463E5619506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B70E6E3-15B3-4D48-AE49-B9184A58EECE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5BCE3FD-B89B-4141-8103-9DB941AD60D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EADFB3B-738F-4919-B165-9ECEED46EA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B23A5431-E599-4848-AB83-B299898F5EF0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update51:*:*:*:*:*:*",
              "matchCriteriaId": "04C71221-E477-4DF8-B10A-3AC64511E4EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update60:*:*:*:*:*:*",
              "matchCriteriaId": "FF7DE0E6-F329-417B-8035-B4EBF9C97483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update40:*:*:*:*:*:*",
              "matchCriteriaId": "220536FA-695D-4DE8-9813-494E3D061B78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update51:*:*:*:*:*:*",
              "matchCriteriaId": "ACB55CC5-0EC7-44B2-B5A9-A5B1EE584791",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update60:*:*:*:*:*:*",
              "matchCriteriaId": "4F6B5E73-6751-475A-B9BF-3414D3476208",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update40:*:*:*:*:*:*",
              "matchCriteriaId": "7CB654DC-1D3D-4475-8815-335AC573F54C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF26274E-5364-4FC1-9603-A78C365596DB",
              "versionEndIncluding": "r27.7.6",
              "versionStartIncluding": "r27.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "583E7A18-48C5-4AEE-A9C1-239D678E275A",
              "versionEndIncluding": "r28.2.8",
              "versionStartIncluding": "r28.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CF65201D-8980-450A-A542-3B5473A6F374",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E51D5AEF-B3D4-4782-9988-BC1DB3F3F296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E179FC2F-C700-4998-9D7A-3B945874CAC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2341D5E7-15CD-4C8F-ABE8-AA915BFA2804",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "474DC3BA-27F2-452A-85AD-BCC476EDD35B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "997CA07C-EBB7-4D7F-AF23-A161817BF4A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5BFE87FC-7B77-4840-8185-1707CB37323B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C77DD8B3-A227-4350-8699-FEC822119393",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA56704-18EB-4F3B-A36F-BCEF67B07C0F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "420CC5FF-0300-4FA7-AB53-78C1A0B83C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B7132A0E-C2A1-403E-9516-A6911563D7B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F32CA797-ED68-426E-9370-E16C90075E01",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB2F6EF3-721A-43AB-AAFD-BE3EEDB0AA61",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "F5027746-8216-452D-83C5-2F8E9546F2A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "40363692-5283-4D0C-BAE1-C049C02A0294",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F805BA3A-178D-416E-9DED-4258F71A17C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:sterling_file_gateway:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A40AC14-AC2B-4A0D-A9CC-3A00B48D8975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:sterling_file_gateway:2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1554D69E-D68E-46CA-B1F7-C24CAABF58E8",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "C684FC45-C9BA-4EF0-BD06-BB289450DD21",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*",
              "matchCriteriaId": "F5027746-8216-452D-83C5-2F8E9546F2A5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*",
              "matchCriteriaId": "4339DE06-19FB-4B8E-B6AE-3495F605AD05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "3CF5C5B9-2CB9-4CD8-B94F-A674ED909CC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:11:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "252CF7A7-3FEB-4503-AEE8-B67139C5B0D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "79D7DBBA-6849-45F7-AFEF-C765569C481A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_sdk:11:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "2C634990-2690-4E3B-B21F-6687A6A34644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_sdk:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "73B7BC23-6CCA-41B2-8F61-EDB95F1AFB1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
              "matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
              "matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*",
              "matchCriteriaId": "88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*",
              "matchCriteriaId": "DB4D6749-81A1-41D7-BF4F-1C45A7F49A22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
              "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
              "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:xerces2_java:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CFD62E4-794A-43C0-8C65-A44D970D1569",
              "versionEndExcluding": "2.12.0",
              "versionStartIncluding": "2.4.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
    },
    {
      "lang": "es",
      "value": "XMLscanner.java en Apache Xerces2 Java Parser, en versiones anteriores a la 2.12.0, tal y como se emple\u00f3 en Java Runtime Environment (JRE) en IBM Java, en versiones 5.0 anteriores a la 5.0 SR16-FP3, 6 anteriores a la 6 SR14, 6.0.1 anteriores a la 6.0.1 SR6 y 7 anteriores a la 7 SR5, as\u00ed como en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, Java SE Embedded 7u40 y anteriores y, posiblemente, otros productos, permite que los atacantes remotos realicen una denegaci\u00f3n de servicio (DoS) mediante vectores relacionados con los nombres de atributo XML."
    }
  ],
  "id": "CVE-2013-4002",
  "lastModified": "2024-11-21T01:54:41.567",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-07-23T11:03:19.790",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link",
        "Mailing List"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/56257"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5982"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/61310"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2033-1"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2089-1"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2014:0414"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Mailing List"
      ],
      "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/56257"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://support.apple.com/kb/HT5982"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/61310"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2033-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.ubuntu.com/usn/USN-2089-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2014:0414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Vendor Advisory"
      ],
      "url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2013-06-18 22:55

Modified

2025-01-06 19:31

Severity ?

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.

References

URL	Tags
secalert_us@oracle.com	http://advisories.mageia.org/MGASA-2013-0185.html	Broken Link
secalert_us@oracle.com	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880	Broken Link
secalert_us@oracle.com	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880	Broken Link
secalert_us@oracle.com	http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040	Patch
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=137545505800971&w=2	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://marc.info/?l=bugtraq&m=137545592101387&w=2	Mailing List, Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-0963.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-1059.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-1060.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-1081.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
secalert_us@oracle.com	http://secunia.com/advisories/54154	Not Applicable
secalert_us@oracle.com	http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
secalert_us@oracle.com	http://www-01.ibm.com/support/docview.wss?uid=swg21642336	Third Party Advisory
secalert_us@oracle.com	http://www.mandriva.com/security/advisories?name=MDVSA-2013:183	Not Applicable
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html	Vendor Advisory
secalert_us@oracle.com	http://www.securityfocus.com/bid/60657	Broken Link, Third Party Advisory, VDB Entry
secalert_us@oracle.com	http://www.us-cert.gov/ncas/alerts/TA13-169A	Third Party Advisory, US Government Resource
secalert_us@oracle.com	https://access.redhat.com/errata/RHSA-2014:0414	Third Party Advisory
secalert_us@oracle.com	https://bugzilla.redhat.com/show_bug.cgi?id=975118	Issue Tracking
secalert_us@oracle.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17106	Broken Link
secalert_us@oracle.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19074	Broken Link
secalert_us@oracle.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19455	Broken Link
secalert_us@oracle.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19703	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://advisories.mageia.org/MGASA-2013-0185.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040	Patch
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=137545505800971&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=137545592101387&w=2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-0963.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1059.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1060.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1081.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1455.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-1456.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/54154	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-201406-32.xml	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21642336	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2013:183	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/60657	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/ncas/alerts/TA13-169A	Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2014:0414	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=975118	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17106	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19074	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19455	Broken Link
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19703	Broken Link

Impacted products

Vendor	Product	Version
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.7.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
oracle	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
sun	jre	1.6.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
oracle	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
sun	jre	1.5.0
suse	linux_enterprise_desktop	10
suse	linux_enterprise_java	10
suse	linux_enterprise_java	11
suse	linux_enterprise_java	11
suse	linux_enterprise_server	10
suse	linux_enterprise_server	10
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_server	11
suse	linux_enterprise_software_development_kit	11
suse	linux_enterprise_software_development_kit	11

JSON

To clipboard

{
  "cisaActionDue": "2022-04-18",
  "cisaExploitAdd": "2022-03-28",
  "cisaRequiredAction": "Apply updates per vendor instructions.",
  "cisaVulnerabilityName": "Oracle Java SE Unspecified Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "DFAA351A-93CD-46A8-A480-CE2783CCD620",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "EB864346-1429-46B5-A91E-A1126C486421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "EF13B96D-1F80-4672-8DA3-F86F6D3BF070",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "D1A2D440-D966-41A6-955D-38B28DDE0FDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "B1C57774-AD93-4162-8E45-92B09139C808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "CD7C4194-D34A-418F-9B00-5C6012844AAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "DAF7D86B-1B4D-4E1F-9EF0-DA7E419D7E99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*",
              "matchCriteriaId": "F0B82FB1-0F0E-44F9-87AE-628517279E4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*",
              "matchCriteriaId": "A0A67640-2F4A-488A-9D8F-3FE1F4DA8DEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*",
              "matchCriteriaId": "0D60D98D-4363-44A0-AAB4-B61BA623EE21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*",
              "matchCriteriaId": "23CDA4F0-C32B-4B08-A377-7D4426C2F569",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*",
              "matchCriteriaId": "8E76476E-4120-46A9-90A8-A95FE89636CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*",
              "matchCriteriaId": "97A84689-0CED-404F-8DC3-708BEB37D2CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*",
              "matchCriteriaId": "738EC3E5-A4EB-47FE-9C9A-7C8E8C669765",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*",
              "matchCriteriaId": "FF56E0D9-612D-4215-9C76-560AE0661A05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*",
              "matchCriteriaId": "BA717604-4BB0-4968-B258-7C9F884016FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*",
              "matchCriteriaId": "AA71FCF4-580F-432D-AADC-65A2A92CEBC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*",
              "matchCriteriaId": "F1E1A8F3-5A63-401E-9BDA-ACCA30FF6AC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*",
              "matchCriteriaId": "5C91517E-4C81-4D09-9FCB-B7AC769C7107",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*",
              "matchCriteriaId": "8B276B96-66BE-4C09-BE9F-11FA7461CBDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*",
              "matchCriteriaId": "626E11CA-20EE-4AB0-84D7-8DAE7A9D8960",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*",
              "matchCriteriaId": "09027C19-D442-446F-B7A8-21DB6787CF43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*",
              "matchCriteriaId": "0A0FEC28-0707-4F42-9740-78F3D2D551EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*",
              "matchCriteriaId": "C3C5879A-A608-4230-9DC1-C27F0F48A13B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*",
              "matchCriteriaId": "0C71089A-BDDE-41FC-9DF9-9AEF4C2374DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*",
              "matchCriteriaId": "2DBB6B73-8D6B-41FF-BEE0-E0C7F5F1EB41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*",
              "matchCriteriaId": "12A3B254-8580-45DB-BDE4-5B5A29CBFFB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*",
              "matchCriteriaId": "1DB1DE6A-66AE-499B-AD92-9E6ACE474C6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*",
              "matchCriteriaId": "AADBB4F9-E43E-428B-9979-F47A15696C85",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*",
              "matchCriteriaId": "49260B94-05DE-4B78-9068-6F5F6BFDD19E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*",
              "matchCriteriaId": "C4FDE9EB-08FE-436E-A265-30E83B15DB23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*",
              "matchCriteriaId": "BE409D5C-8F9F-4DE9-ACB7-0E0B813F6399",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*",
              "matchCriteriaId": "B08C075B-9FC0-4381-A9E4-FFF0362BD308",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*",
              "matchCriteriaId": "F587E635-3A15-4186-B6A1-F99BE0A56820",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*",
              "matchCriteriaId": "90EC6C13-4B37-48E5-8199-A702A944D5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*",
              "matchCriteriaId": "2528152C-E20A-4D97-931C-A5EC3CEAA06D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*",
              "matchCriteriaId": "A99DAB4C-272B-4C91-BC70-7729E1152590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*",
              "matchCriteriaId": "30DFC10A-A4D9-4F89-B17C-AB9260087D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*",
              "matchCriteriaId": "272A5C44-18EC-41A9-8233-E9D4D0734EA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*",
              "matchCriteriaId": "81C2C04D-D4BA-4C87-9609-C53AA63BFF19",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "D8730889-A618-4CF9-888C-BF95802DD00F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",
              "matchCriteriaId": "CC062AE6-515B-4D40-9B86-46F7A1D7FF1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",
              "matchCriteriaId": "B4A2D725-A7DC-4802-A377-5C3963AD9941",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update39:*:*:*:*:*:*",
              "matchCriteriaId": "A47E0A76-D6A3-445E-84C8-038497655BBC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",
              "matchCriteriaId": "A3C6E1D8-B96E-40FB-9E66-9B3A5325E78B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*",
              "matchCriteriaId": "F08A5AAD-84CA-491F-83D3-CEFFD16212E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*",
              "matchCriteriaId": "A13547EA-EF77-493A-A863-F09E2AEE8BD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC09E8-7F30-4FE4-912E-588AA250E2A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "A586DE4E-8A46-41DE-9FDB-5FDB81DCC87B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "9919D091-73D7-465A-80FF-F37D6CAF9F46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",
              "matchCriteriaId": "02565D6F-4CB2-4671-A4EF-3169BCFA6154",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "452A3E51-9EAC-451D-BA04-A1E7B7D917EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",
              "matchCriteriaId": "3E8C6AAC-C90B-4220-A69B-2A886A35CF5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "55231B6B-9298-4363-9B5A-14C2DA7B1F50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",
              "matchCriteriaId": "E42CF0F7-418C-4BB6-9B73-FA3B9171D092",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "A5467E9D-07D8-4BEB-84D5-A3136C133519",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",
              "matchCriteriaId": "B83B2CE1-45D7-47AD-BC0A-6EC74D5F8F5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",
              "matchCriteriaId": "8A32F326-EA92-43CD-930E-E527B60CDD3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "7EA5B9E9-654D-44F7-AE98-3D8B382804AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",
              "matchCriteriaId": "04344167-530E-4A4D-90EF-74C684943DF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "B0E0373B-201D-408F-9234-A7EFE8B4970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",
              "matchCriteriaId": "15EAD76D-D5D0-4984-9D07-C1451D791083",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",
              "matchCriteriaId": "DE949EBF-2BC0-4355-8B28-B494023D45FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",
              "matchCriteriaId": "7E0A0A2D-62B9-4A00-84EF-90C15E47A632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "A070A282-CBD6-4041-B149-5E310BD12E7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",
              "matchCriteriaId": "3ECAE71B-C549-4EFB-A509-BFD599F5917A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",
              "matchCriteriaId": "044BADDD-A80B-4AE2-8595-5F8186314550",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",
              "matchCriteriaId": "B7FC11BE-8CF7-4D45-BB4A-3EFA1DDBB10D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",
              "matchCriteriaId": "1D75C40D-62AE-47F2-A6E0-53F3495260BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "44051CFE-D15D-4416-A123-F3E49C67A9E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",
              "matchCriteriaId": "4C061911-FB19-45EB-8E88-7450224F4023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",
              "matchCriteriaId": "0E8009BC-F5A8-4D00-9F5F-8635475C6065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "F296ACF3-1373-429D-B991-8B5BA704A7EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "B863420B-DE16-416A-9640-1A1340A9B855",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "724C972F-74FE-4044-BBC4-7E0E61FC9002",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "46F41C15-0EF4-4115-BFAA-EEAD56FAEEDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",
              "matchCriteriaId": "EBE909DE-E55A-4BD3-A5BF-ADE407432193",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "5DAC04D2-68FD-4793-A8E7-4690A543D7D4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*",
              "matchCriteriaId": "4339DE06-19FB-4B8E-B6AE-3495F605AD05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "3CF5C5B9-2CB9-4CD8-B94F-A674ED909CC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:11:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "252CF7A7-3FEB-4503-AEE8-B67139C5B0D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_java:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "79D7DBBA-6849-45F7-AFEF-C765569C481A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
              "matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
              "matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*",
              "matchCriteriaId": "88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*",
              "matchCriteriaId": "DB4D6749-81A1-41D7-BF4F-1C45A7F49A22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
              "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
              "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "5AA37837-3083-4DC7-94F4-54FD5D7CB53C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.  NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to \"Incorrect image channel verification\" in 2D."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Java SE versi\u00f3n 7 Update 21 y anteriores, versi\u00f3n 6 Update 45 y anteriores, y versi\u00f3n 5.0 Update 45 y anteriores, y OpenJDK versi\u00f3n 7 de Oracle, permite a los atacantes remotos afectar la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos relacionados con 2D. NOTA: la informaci\u00f3n previa es de la CPU de junio de 2013. Oracle no ha comentado sobre las afirmaciones de otro proveedor de que este problema permite a los atacantes remotos omitir el sandbox de Java por medio de vectores relacionados con la \"Incorrect image attribute verification\" en 2D."
    }
  ],
  "evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html\n\n\u0027Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.\u0027",
  "id": "CVE-2013-2465",
  "lastModified": "2025-01-06T19:31:37.547",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-06-18T22:55:02.807",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://advisories.mageia.org/MGASA-2013-0185.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch"
      ],
      "url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/54154"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/60657"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2014:0414"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=975118"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17106"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19074"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19455"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19703"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://advisories.mageia.org/MGASA-2013-0185.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://secunia.com/advisories/54154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/60657"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2014:0414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=975118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17106"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19455"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19703"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2011-3544

Vulnerability from cvelistv5

Published

2011-10-19 21:00

Modified

2024-08-06 23:37

Severity ?

Summary

References

▼	URL	Tags
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947	vdb-entry, signature, x_refsource_OVAL
	http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisory, x_refsource_GENTOO
	http://marc.info/?l=bugtraq&m=134254866602253&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/48308	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=132750579901589&w=2	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=132750579901589&w=2	vendor-advisory, x_refsource_HP
	http://www.redhat.com/support/errata/RHSA-2011-1384.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/50218	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=134254957702612&w=2	vendor-advisory, x_refsource_HP
	https://exchange.xforce.ibmcloud.com/vulnerabilities/70849	vdb-entry, x_refsource_XF
	http://www.securitytracker.com/id?1026215	vdb-entry, x_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-1263-1	vendor-advisory, x_refsource_UBUNTU
	http://marc.info/?l=bugtraq&m=134254957702612&w=2	vendor-advisory, x_refsource_HP
	http://www.ibm.com/developerworks/java/jdk/alerts/	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T23:37:48.020Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:13947",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "HPSBMU02799",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
          },
          {
            "name": "48308",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48308"
          },
          {
            "name": "HPSBUX02730",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
          },
          {
            "name": "SUSE-SU-2012:0114",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "SSRT100710",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
          },
          {
            "name": "RHSA-2011:1384",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
          },
          {
            "name": "50218",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/50218"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
          },
          {
            "name": "SSRT100867",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          },
          {
            "name": "oracle-jre-scripting-unspecified(70849)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
          },
          {
            "name": "1026215",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1026215"
          },
          {
            "name": "USN-1263-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1263-1"
          },
          {
            "name": "HPSBMU02797",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2011-10-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-05T18:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:13947",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "HPSBMU02799",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
        },
        {
          "name": "48308",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48308"
        },
        {
          "name": "HPSBUX02730",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
        },
        {
          "name": "SUSE-SU-2012:0114",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "SSRT100710",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
        },
        {
          "name": "RHSA-2011:1384",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
        },
        {
          "name": "50218",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/50218"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
        },
        {
          "name": "SSRT100867",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
        },
        {
          "name": "oracle-jre-scripting-unspecified(70849)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
        },
        {
          "name": "1026215",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1026215"
        },
        {
          "name": "USN-1263-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1263-1"
        },
        {
          "name": "HPSBMU02797",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2011-3544",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE JDK and JRE 7 and 6 Update 27 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality, integrity, and availability via unknown vectors related to Scripting."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:13947",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13947"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "HPSBMU02799",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
            },
            {
              "name": "48308",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48308"
            },
            {
              "name": "HPSBUX02730",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
            },
            {
              "name": "SUSE-SU-2012:0114",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "SSRT100710",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=132750579901589\u0026w=2"
            },
            {
              "name": "RHSA-2011:1384",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2011-1384.html"
            },
            {
              "name": "50218",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/50218"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html"
            },
            {
              "name": "SSRT100867",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            },
            {
              "name": "oracle-jre-scripting-unspecified(70849)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/70849"
            },
            {
              "name": "1026215",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1026215"
            },
            {
              "name": "USN-1263-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1263-1"
            },
            {
              "name": "HPSBMU02797",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            },
            {
              "name": "http://www.ibm.com/developerworks/java/jdk/alerts/",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2011-3544",
    "datePublished": "2011-10-19T21:00:00",
    "dateReserved": "2011-09-16T00:00:00",
    "dateUpdated": "2024-08-06T23:37:48.020Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-4002

Vulnerability from cvelistv5

Published

2013-07-23 10:00

Modified

2024-08-06 16:30

Severity ?

Summary

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015	vendor-advisory, x_refsource_AIXAPAR
	http://rhn.redhat.com/errata/RHSA-2013-1060.html	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2014:0414	vendor-advisory, x_refsource_REDHAT
	http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisory, x_refsource_GENTOO
	http://rhn.redhat.com/errata/RHSA-2013-1447.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2015-0765.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2013-1440.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2015-0675.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/61310	vdb-entry, x_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2015-0773.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2015-0720.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2033-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2089-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=138674073720143&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2013-1505.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=138674031212883&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2014-1822.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/56257	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-1059.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2014-1823.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html	vendor-advisory, x_refsource_SUSE
	http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html	vendor-advisory, x_refsource_APPLE
	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-1081.html	vendor-advisory, x_refsource_REDHAT
	https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-1451.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2014-1818.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2014-1821.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html	vendor-advisory, x_refsource_SUSE
	https://exchange.xforce.ibmcloud.com/vulnerabilities/85260	vdb-entry, x_refsource_XF
	https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E	mailing-list, x_refsource_MLIST
	https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E	mailing-list, x_refsource_MLIST
	https://www.oracle.com/security-alerts/cpuapr2022.html	x_refsource_MISC
	http://www.ibm.com/support/docview.wss?uid=swg21648172	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21657539	x_refsource_CONFIRM
	https://issues.apache.org/jira/browse/XERCESJ-1679	x_refsource_CONFIRM
	http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250&r2=1499506&view=patch	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21644197	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21653371	x_refsource_CONFIRM
	http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013	x_refsource_MISC
	http://support.apple.com/kb/HT5982	x_refsource_CONFIRM
	https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html	x_refsource_CONFIRM
	http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002	x_refsource_CONFIRM
	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:30:49.315Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IC98015",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
          },
          {
            "name": "RHSA-2013:1060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
          },
          {
            "name": "RHSA-2014:0414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2014:0414"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "RHSA-2013:1447",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
          },
          {
            "name": "RHSA-2015:0765",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
          },
          {
            "name": "RHSA-2013:1440",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
          },
          {
            "name": "RHSA-2015:0675",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
          },
          {
            "name": "61310",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/61310"
          },
          {
            "name": "RHSA-2015:0773",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
          },
          {
            "name": "RHSA-2015:0720",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
          },
          {
            "name": "SUSE-SU-2013:1257",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
          },
          {
            "name": "USN-2033-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2033-1"
          },
          {
            "name": "USN-2089-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2089-1"
          },
          {
            "name": "SUSE-SU-2013:1256",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
          },
          {
            "name": "HPSBUX02944",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
          },
          {
            "name": "RHSA-2013:1505",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
          },
          {
            "name": "HPSBUX02943",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
          },
          {
            "name": "RHSA-2014:1822",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
          },
          {
            "name": "56257",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/56257"
          },
          {
            "name": "SUSE-SU-2013:1263",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
          },
          {
            "name": "RHSA-2013:1059",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
          },
          {
            "name": "RHSA-2014:1823",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
          },
          {
            "name": "openSUSE-SU-2013:1663",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
          },
          {
            "name": "SUSE-SU-2013:1666",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
          },
          {
            "name": "APPLE-SA-2013-10-15-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
          },
          {
            "name": "SUSE-SU-2013:1293",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
          },
          {
            "name": "RHSA-2013:1081",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
          },
          {
            "name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
          },
          {
            "name": "SUSE-SU-2013:1255",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
          },
          {
            "name": "RHSA-2013:1451",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
          },
          {
            "name": "RHSA-2014:1818",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
          },
          {
            "name": "RHSA-2014:1821",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
          },
          {
            "name": "SUSE-SU-2013:1305",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
          },
          {
            "name": "ibm-java-cve20134002-dos(85260)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
          },
          {
            "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
          },
          {
            "name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://support.apple.com/kb/HT5982"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-07-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T23:19:06",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "IC98015",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
        },
        {
          "name": "RHSA-2013:1060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
        },
        {
          "name": "RHSA-2014:0414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2014:0414"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "RHSA-2013:1447",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
        },
        {
          "name": "RHSA-2015:0765",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
        },
        {
          "name": "RHSA-2013:1440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
        },
        {
          "name": "RHSA-2015:0675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
        },
        {
          "name": "61310",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/61310"
        },
        {
          "name": "RHSA-2015:0773",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
        },
        {
          "name": "RHSA-2015:0720",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
        },
        {
          "name": "SUSE-SU-2013:1257",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
        },
        {
          "name": "USN-2033-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2033-1"
        },
        {
          "name": "USN-2089-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2089-1"
        },
        {
          "name": "SUSE-SU-2013:1256",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
        },
        {
          "name": "HPSBUX02944",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
        },
        {
          "name": "RHSA-2013:1505",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
        },
        {
          "name": "HPSBUX02943",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
        },
        {
          "name": "RHSA-2014:1822",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
        },
        {
          "name": "56257",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/56257"
        },
        {
          "name": "SUSE-SU-2013:1263",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
        },
        {
          "name": "RHSA-2013:1059",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
        },
        {
          "name": "RHSA-2014:1823",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
        },
        {
          "name": "openSUSE-SU-2013:1663",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
        },
        {
          "name": "SUSE-SU-2013:1666",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
        },
        {
          "name": "APPLE-SA-2013-10-15-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
        },
        {
          "name": "SUSE-SU-2013:1293",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
        },
        {
          "name": "RHSA-2013:1081",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
        },
        {
          "name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
        },
        {
          "name": "SUSE-SU-2013:1255",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
        },
        {
          "name": "RHSA-2013:1451",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
        },
        {
          "name": "RHSA-2014:1818",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
        },
        {
          "name": "RHSA-2014:1821",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
        },
        {
          "name": "SUSE-SU-2013:1305",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
        },
        {
          "name": "ibm-java-cve20134002-dos(85260)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
        },
        {
          "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
        },
        {
          "name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://support.apple.com/kb/HT5982"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2013-4002",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IC98015",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
            },
            {
              "name": "RHSA-2013:1060",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
            },
            {
              "name": "RHSA-2014:0414",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2014:0414"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "RHSA-2013:1447",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
            },
            {
              "name": "RHSA-2015:0765",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
            },
            {
              "name": "RHSA-2013:1440",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
            },
            {
              "name": "RHSA-2015:0675",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
            },
            {
              "name": "61310",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/61310"
            },
            {
              "name": "RHSA-2015:0773",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
            },
            {
              "name": "RHSA-2015:0720",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
            },
            {
              "name": "SUSE-SU-2013:1257",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
            },
            {
              "name": "USN-2033-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2033-1"
            },
            {
              "name": "USN-2089-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2089-1"
            },
            {
              "name": "SUSE-SU-2013:1256",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
            },
            {
              "name": "HPSBUX02944",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
            },
            {
              "name": "RHSA-2013:1505",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
            },
            {
              "name": "HPSBUX02943",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
            },
            {
              "name": "RHSA-2014:1822",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
            },
            {
              "name": "56257",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/56257"
            },
            {
              "name": "SUSE-SU-2013:1263",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
            },
            {
              "name": "RHSA-2013:1059",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
            },
            {
              "name": "RHSA-2014:1823",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
            },
            {
              "name": "openSUSE-SU-2013:1663",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
            },
            {
              "name": "SUSE-SU-2013:1666",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
            },
            {
              "name": "APPLE-SA-2013-10-15-1",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
            },
            {
              "name": "SUSE-SU-2013:1293",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
            },
            {
              "name": "RHSA-2013:1081",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
            },
            {
              "name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E"
            },
            {
              "name": "SUSE-SU-2013:1255",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
            },
            {
              "name": "RHSA-2013:1451",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
            },
            {
              "name": "RHSA-2014:1818",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
            },
            {
              "name": "RHSA-2014:1821",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
            },
            {
              "name": "SUSE-SU-2013:1305",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
            },
            {
              "name": "ibm-java-cve20134002-dos(85260)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
            },
            {
              "name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
            },
            {
              "name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
              "refsource": "MLIST",
              "url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
            },
            {
              "name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
              "refsource": "MISC",
              "url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21648172",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
            },
            {
              "name": "https://issues.apache.org/jira/browse/XERCESJ-1679",
              "refsource": "CONFIRM",
              "url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
            },
            {
              "name": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch",
              "refsource": "CONFIRM",
              "url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
            },
            {
              "name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
              "refsource": "MISC",
              "url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
            },
            {
              "name": "http://support.apple.com/kb/HT5982",
              "refsource": "CONFIRM",
              "url": "http://support.apple.com/kb/HT5982"
            },
            {
              "name": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
              "refsource": "CONFIRM",
              "url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
            },
            {
              "name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
            },
            {
              "name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
              "refsource": "CONFIRM",
              "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2013-4002",
    "datePublished": "2013-07-23T10:00:00",
    "dateReserved": "2013-06-07T00:00:00",
    "dateUpdated": "2024-08-06T16:30:49.315Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-1717

Vulnerability from cvelistv5

Published

2012-06-16 21:00

Modified

2024-08-06 19:08

Severity ?

Summary

References

▼	URL	Tags
	http://www.securityfocus.com/bid/53952	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html	vendor-advisory, x_refsource_SUSE
	http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisory, x_refsource_GENTOO
	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2012-0734.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2012-1243.html	vendor-advisory, x_refsource_REDHAT
	http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html	mailing-list, x_refsource_MLIST
	http://secunia.com/advisories/50659	third-party-advisory, x_refsource_SECUNIA
	http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2012:095	vendor-advisory, x_refsource_MANDRIVA
	http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisory, x_refsource_REDHAT
	http://www.ibm.com/support/docview.wss?uid=swg21615246	x_refsource_CONFIRM
	http://www.mandriva.com/security/advisories?name=MDVSA-2013:150	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/51080	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T19:08:37.677Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "53952",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/53952"
          },
          {
            "name": "SUSE-SU-2012:1265",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "SUSE-SU-2012:1177",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html"
          },
          {
            "name": "SUSE-SU-2012:1231",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
          },
          {
            "name": "RHSA-2012:0734",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0734.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
          },
          {
            "name": "RHSA-2012:1243",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1243.html"
          },
          {
            "name": "[OpenJDK] 20120612 IcedTea6 1.10.8 \u0026 1.11.3 Released",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html"
          },
          {
            "name": "50659",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50659"
          },
          {
            "name": "SUSE-SU-2012:1204",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "MDVSA-2012:095",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:095"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"
          },
          {
            "name": "MDVSA-2013:150",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
          },
          {
            "name": "51080",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/51080"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-06-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-17T19:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "53952",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/53952"
        },
        {
          "name": "SUSE-SU-2012:1265",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "SUSE-SU-2012:1177",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html"
        },
        {
          "name": "SUSE-SU-2012:1231",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
        },
        {
          "name": "RHSA-2012:0734",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0734.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
        },
        {
          "name": "RHSA-2012:1243",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1243.html"
        },
        {
          "name": "[OpenJDK] 20120612 IcedTea6 1.10.8 \u0026 1.11.3 Released",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html"
        },
        {
          "name": "50659",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50659"
        },
        {
          "name": "SUSE-SU-2012:1204",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "MDVSA-2012:095",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:095"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"
        },
        {
          "name": "MDVSA-2013:150",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
        },
        {
          "name": "51080",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/51080"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2012-1717",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and earlier, and 1.4.2_37 and earlier allows local users to affect confidentiality via unknown vectors related to printing on Solaris or Linux."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "53952",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/53952"
            },
            {
              "name": "SUSE-SU-2012:1265",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00035.html"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "SUSE-SU-2012:1177",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00020.html"
            },
            {
              "name": "SUSE-SU-2012:1231",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00032.html"
            },
            {
              "name": "RHSA-2012:0734",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0734.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2012-1515912.html"
            },
            {
              "name": "RHSA-2012:1243",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1243.html"
            },
            {
              "name": "[OpenJDK] 20120612 IcedTea6 1.10.8 \u0026 1.11.3 Released",
              "refsource": "MLIST",
              "url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-June/019076.html"
            },
            {
              "name": "50659",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50659"
            },
            {
              "name": "SUSE-SU-2012:1204",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00028.html"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "MDVSA-2012:095",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:095"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2012-392727.html"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "http://www.ibm.com/support/docview.wss?uid=swg21615246",
              "refsource": "CONFIRM",
              "url": "http://www.ibm.com/support/docview.wss?uid=swg21615246"
            },
            {
              "name": "MDVSA-2013:150",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            },
            {
              "name": "51080",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/51080"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2012-1717",
    "datePublished": "2012-06-16T21:00:00",
    "dateReserved": "2012-03-16T00:00:00",
    "dateUpdated": "2024-08-06T19:08:37.677Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2013-2465

Vulnerability from cvelistv5

Published

2013-06-18 22:00

Modified

2024-08-06 15:36

Severity ?

Summary

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2013-1060.html	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=bugtraq&m=137545592101387&w=2	vendor-advisory, x_refsource_HP
	https://access.redhat.com/errata/RHSA-2014:0414	vendor-advisory, x_refsource_REDHAT
	http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisory, x_refsource_GENTOO
	http://www.securityfocus.com/bid/60657	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html	vendor-advisory, x_refsource_SUSE
	http://marc.info/?l=bugtraq&m=137545505800971&w=2	vendor-advisory, x_refsource_HP
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/54154	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880	vendor-advisory, x_refsource_HP
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19455	vdb-entry, signature, x_refsource_OVAL
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19703	vdb-entry, signature, x_refsource_OVAL
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880	vendor-advisory, x_refsource_HP
	http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040	x_refsource_MISC
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19074	vdb-entry, signature, x_refsource_OVAL
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-1059.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html	vendor-advisory, x_refsource_SUSE
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17106	vdb-entry, signature, x_refsource_OVAL
	http://rhn.redhat.com/errata/RHSA-2013-1081.html	vendor-advisory, x_refsource_REDHAT
	http://www.us-cert.gov/ncas/alerts/TA13-169A	third-party-advisory, x_refsource_CERT
	http://advisories.mageia.org/MGASA-2013-0185.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-0963.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=975118	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2013:183	vendor-advisory, x_refsource_MANDRIVA
	http://www-01.ibm.com/support/docview.wss?uid=swg21642336	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html	vendor-advisory, x_refsource_SUSE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:36:46.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2013:1060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
          },
          {
            "name": "HPSBUX02908",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
          },
          {
            "name": "RHSA-2014:0414",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2014:0414"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "60657",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/60657"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
          },
          {
            "name": "SUSE-SU-2013:1264",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
          },
          {
            "name": "SUSE-SU-2013:1257",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
          },
          {
            "name": "HPSBUX02907",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
          },
          {
            "name": "SUSE-SU-2013:1256",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
          },
          {
            "name": "54154",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/54154"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "SSRT101305",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
          },
          {
            "name": "oval:org.mitre.oval:def:19455",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19455"
          },
          {
            "name": "oval:org.mitre.oval:def:19703",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19703"
          },
          {
            "name": "HPSBUX02922",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040"
          },
          {
            "name": "oval:org.mitre.oval:def:19074",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19074"
          },
          {
            "name": "SUSE-SU-2013:1263",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
          },
          {
            "name": "RHSA-2013:1059",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
          },
          {
            "name": "SUSE-SU-2013:1293",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
          },
          {
            "name": "oval:org.mitre.oval:def:17106",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17106"
          },
          {
            "name": "RHSA-2013:1081",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
          },
          {
            "name": "TA13-169A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://advisories.mageia.org/MGASA-2013-0185.html"
          },
          {
            "name": "RHSA-2013:0963",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
          },
          {
            "name": "SUSE-SU-2013:1255",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=975118"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "MDVSA-2013:183",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
          },
          {
            "name": "SUSE-SU-2013:1305",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-06-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.  NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to \"Incorrect image channel verification\" in 2D."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "RHSA-2013:1060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
        },
        {
          "name": "HPSBUX02908",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
        },
        {
          "name": "RHSA-2014:0414",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2014:0414"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "60657",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/60657"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
        },
        {
          "name": "SUSE-SU-2013:1264",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
        },
        {
          "name": "SUSE-SU-2013:1257",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
        },
        {
          "name": "HPSBUX02907",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
        },
        {
          "name": "SUSE-SU-2013:1256",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
        },
        {
          "name": "54154",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/54154"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "SSRT101305",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
        },
        {
          "name": "oval:org.mitre.oval:def:19455",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19455"
        },
        {
          "name": "oval:org.mitre.oval:def:19703",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19703"
        },
        {
          "name": "HPSBUX02922",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040"
        },
        {
          "name": "oval:org.mitre.oval:def:19074",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19074"
        },
        {
          "name": "SUSE-SU-2013:1263",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
        },
        {
          "name": "RHSA-2013:1059",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
        },
        {
          "name": "SUSE-SU-2013:1293",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
        },
        {
          "name": "oval:org.mitre.oval:def:17106",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17106"
        },
        {
          "name": "RHSA-2013:1081",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
        },
        {
          "name": "TA13-169A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://advisories.mageia.org/MGASA-2013-0185.html"
        },
        {
          "name": "RHSA-2013:0963",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
        },
        {
          "name": "SUSE-SU-2013:1255",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=975118"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "MDVSA-2013:183",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
        },
        {
          "name": "SUSE-SU-2013:1305",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2013-2465",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.  NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to \"Incorrect image channel verification\" in 2D."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2013:1060",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
            },
            {
              "name": "HPSBUX02908",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=137545592101387\u0026w=2"
            },
            {
              "name": "RHSA-2014:0414",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2014:0414"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "60657",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/60657"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
            },
            {
              "name": "SUSE-SU-2013:1264",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
            },
            {
              "name": "SUSE-SU-2013:1257",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
            },
            {
              "name": "HPSBUX02907",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
            },
            {
              "name": "SUSE-SU-2013:1256",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
            },
            {
              "name": "54154",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/54154"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "SSRT101305",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
            },
            {
              "name": "oval:org.mitre.oval:def:19455",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19455"
            },
            {
              "name": "oval:org.mitre.oval:def:19703",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19703"
            },
            {
              "name": "HPSBUX02922",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
            },
            {
              "name": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040",
              "refsource": "MISC",
              "url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040"
            },
            {
              "name": "oval:org.mitre.oval:def:19074",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19074"
            },
            {
              "name": "SUSE-SU-2013:1263",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
            },
            {
              "name": "RHSA-2013:1059",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
            },
            {
              "name": "SUSE-SU-2013:1293",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
            },
            {
              "name": "oval:org.mitre.oval:def:17106",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17106"
            },
            {
              "name": "RHSA-2013:1081",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
            },
            {
              "name": "TA13-169A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
            },
            {
              "name": "http://advisories.mageia.org/MGASA-2013-0185.html",
              "refsource": "CONFIRM",
              "url": "http://advisories.mageia.org/MGASA-2013-0185.html"
            },
            {
              "name": "RHSA-2013:0963",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
            },
            {
              "name": "SUSE-SU-2013:1255",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=975118",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=975118"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "MDVSA-2013:183",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:183"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
            },
            {
              "name": "SUSE-SU-2013:1305",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2013-2465",
    "datePublished": "2013-06-18T22:00:00",
    "dateReserved": "2013-03-05T00:00:00",
    "dateUpdated": "2024-08-06T15:36:46.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2012-0507

Vulnerability from cvelistv5

Published

2012-06-07 22:00

Modified

2024-08-06 18:23

Severity ?

Summary

References

▼	URL	Tags
	http://marc.info/?l=bugtraq&m=133847939902305&w=2	vendor-advisory, x_refsource_HP
	http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html	x_refsource_CONFIRM
	http://secunia.com/advisories/48692	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=134254866602253&w=2	vendor-advisory, x_refsource_HP
	http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/	x_refsource_MISC
	http://secunia.com/advisories/48589	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=133365109612558&w=2	vendor-advisory, x_refsource_HP
	http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html	vendor-advisory, x_refsource_SUSE
	http://secunia.com/advisories/48950	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/48948	third-party-advisory, x_refsource_SECUNIA
	http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx	x_refsource_MISC
	http://marc.info/?l=bugtraq&m=133847939902305&w=2	vendor-advisory, x_refsource_HP
	http://secunia.com/advisories/48915	third-party-advisory, x_refsource_SECUNIA
	http://marc.info/?l=bugtraq&m=133364885411663&w=2	vendor-advisory, x_refsource_HP
	http://www.debian.org/security/2012/dsa-2420	vendor-advisory, x_refsource_DEBIAN
	http://rhn.redhat.com/errata/RHSA-2012-0508.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=788994	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=134254957702612&w=2	vendor-advisory, x_refsource_HP
	http://rhn.redhat.com/errata/RHSA-2012-0514.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/52161	vdb-entry, x_refsource_BID
	http://marc.info/?l=bugtraq&m=133365109612558&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=133364885411663&w=2	vendor-advisory, x_refsource_HP
	http://marc.info/?l=bugtraq&m=134254957702612&w=2	vendor-advisory, x_refsource_HP

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T18:23:31.104Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "HPSBUX02784",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html"
          },
          {
            "name": "48692",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48692"
          },
          {
            "name": "HPSBMU02799",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/"
          },
          {
            "name": "48589",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48589"
          },
          {
            "name": "SSRT100805",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3"
          },
          {
            "name": "SUSE-SU-2012:0602",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "SUSE-SU-2012:0603",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html"
          },
          {
            "name": "48950",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48950"
          },
          {
            "name": "48948",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48948"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx"
          },
          {
            "name": "SSRT100871",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
          },
          {
            "name": "48915",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/48915"
          },
          {
            "name": "HPSBUX02757",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
          },
          {
            "name": "DSA-2420",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2420"
          },
          {
            "name": "RHSA-2012:0508",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=788994"
          },
          {
            "name": "SSRT100867",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          },
          {
            "name": "RHSA-2012:0514",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-0514.html"
          },
          {
            "name": "52161",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/52161"
          },
          {
            "name": "HPSBUX02760",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
          },
          {
            "name": "SSRT100779",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
          },
          {
            "name": "HPSBMU02797",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-02-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency.  NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions.  NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-28T20:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "HPSBUX02784",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html"
        },
        {
          "name": "48692",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48692"
        },
        {
          "name": "HPSBMU02799",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/"
        },
        {
          "name": "48589",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48589"
        },
        {
          "name": "SSRT100805",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3"
        },
        {
          "name": "SUSE-SU-2012:0602",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "SUSE-SU-2012:0603",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html"
        },
        {
          "name": "48950",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48950"
        },
        {
          "name": "48948",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48948"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx"
        },
        {
          "name": "SSRT100871",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
        },
        {
          "name": "48915",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/48915"
        },
        {
          "name": "HPSBUX02757",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
        },
        {
          "name": "DSA-2420",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2420"
        },
        {
          "name": "RHSA-2012:0508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=788994"
        },
        {
          "name": "SSRT100867",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
        },
        {
          "name": "RHSA-2012:0514",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-0514.html"
        },
        {
          "name": "52161",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/52161"
        },
        {
          "name": "HPSBUX02760",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
        },
        {
          "name": "SSRT100779",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
        },
        {
          "name": "HPSBMU02797",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2012-0507",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Concurrency.  NOTE: the previous information was obtained from the February 2012 Oracle CPU. Oracle has not commented on claims from a downstream vendor and third party researchers that this issue occurs because the AtomicReferenceArray class implementation does not ensure that the array is of the Object[] type, which allows attackers to cause a denial of service (JVM crash) or bypass Java sandbox restrictions.  NOTE: this issue was originally mapped to CVE-2011-3571, but that identifier was already assigned to a different issue."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "HPSBUX02784",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2012-366318.html"
            },
            {
              "name": "48692",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48692"
            },
            {
              "name": "HPSBMU02799",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254866602253\u0026w=2"
            },
            {
              "name": "http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/",
              "refsource": "MISC",
              "url": "http://krebsonsecurity.com/2012/03/new-java-attack-rolled-into-exploit-packs/"
            },
            {
              "name": "48589",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48589"
            },
            {
              "name": "SSRT100805",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
            },
            {
              "name": "http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3",
              "refsource": "MISC",
              "url": "http://weblog.ikvm.net/PermaLink.aspx?guid=cd48169a-9405-4f63-9087-798c4a1866d3"
            },
            {
              "name": "SUSE-SU-2012:0602",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "SUSE-SU-2012:0603",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00010.html"
            },
            {
              "name": "48950",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48950"
            },
            {
              "name": "48948",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48948"
            },
            {
              "name": "http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx",
              "refsource": "MISC",
              "url": "http://blogs.technet.com/b/mmpc/archive/2012/03/20/an-interesting-case-of-jre-sandbox-breach-cve-2012-0507.aspx"
            },
            {
              "name": "SSRT100871",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133847939902305\u0026w=2"
            },
            {
              "name": "48915",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/48915"
            },
            {
              "name": "HPSBUX02757",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
            },
            {
              "name": "DSA-2420",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2420"
            },
            {
              "name": "RHSA-2012:0508",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0508.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=788994",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=788994"
            },
            {
              "name": "SSRT100867",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            },
            {
              "name": "RHSA-2012:0514",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0514.html"
            },
            {
              "name": "52161",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/52161"
            },
            {
              "name": "HPSBUX02760",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133365109612558\u0026w=2"
            },
            {
              "name": "SSRT100779",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=133364885411663\u0026w=2"
            },
            {
              "name": "HPSBMU02797",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=134254957702612\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2012-0507",
    "datePublished": "2012-06-07T22:00:00",
    "dateReserved": "2012-01-11T00:00:00",
    "dateUpdated": "2024-08-06T18:23:31.104Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}