Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2014-AVI-232
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| N/A | N/A | Juniper NSM versions antérieures à 2012.2R8 | ||
| Juniper Networks | Junos Space | Juniper Junos Space versions antérieures à 13.3R1.8 | ||
| Juniper Networks | N/A | Juniper ScreenOS 6.3 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Juniper NSM versions ant\u00e9rieures \u00e0 2012.2R8",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Juniper Junos Space versions ant\u00e9rieures \u00e0 13.3R1.8",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper ScreenOS 6.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2014-3411",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3411"
},
{
"name": "CVE-2010-1429",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1429"
},
{
"name": "CVE-2013-1557",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1557"
},
{
"name": "CVE-2013-2389",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2389"
},
{
"name": "CVE-2013-3805",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3805"
},
{
"name": "CVE-2013-3801",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3801"
},
{
"name": "CVE-2010-0738",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0738"
},
{
"name": "CVE-2010-1428",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1428"
},
{
"name": "CVE-2013-1502",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1502"
},
{
"name": "CVE-2013-1544",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1544"
},
{
"name": "CVE-2013-2392",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2392"
},
{
"name": "CVE-2013-3804",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3804"
},
{
"name": "CVE-2014-2842",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2842"
},
{
"name": "CVE-2013-3809",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3809"
},
{
"name": "CVE-2014-3412",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3412"
},
{
"name": "CVE-2013-3808",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3808"
},
{
"name": "CVE-2013-3783",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3783"
},
{
"name": "CVE-2012-3143",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3143"
},
{
"name": "CVE-2013-2422",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2422"
},
{
"name": "CVE-2013-2376",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2376"
},
{
"name": "CVE-2013-3794",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3794"
},
{
"name": "CVE-2013-1511",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1511"
},
{
"name": "CVE-2013-1862",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1862"
},
{
"name": "CVE-2014-3413",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3413"
},
{
"name": "CVE-2013-3802",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3802"
},
{
"name": "CVE-2013-3839",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3839"
},
{
"name": "CVE-2013-3812",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3812"
},
{
"name": "CVE-2013-2375",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2375"
},
{
"name": "CVE-2013-1896",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1896"
},
{
"name": "CVE-2013-1532",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1532"
},
{
"name": "CVE-2013-2391",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-2391"
},
{
"name": "CVE-2013-3793",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3793"
},
{
"name": "CVE-2013-1537",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1537"
}
],
"links": [],
"reference": "CERTFR-2014-AVI-232",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2014-05-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un contournement de la politique de\ns\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10625 du 01 mai 2014",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10625"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10627 du 01 mai 2014",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10627"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10624 du 01 mai 2014",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10624"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10626 du 01 mai 2014",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
}
]
}
CVE-2013-1532 (GCVE-0-2013-1532)
Vulnerability from cvelistv5 – Published: 2013-04-17 12:10 – Updated: 2024-08-06 15:04
VLAI?
EPSS
Summary
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.477Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-10T22:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-1532",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Information Schema."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-1532",
"datePublished": "2013-04-17T12:10:00",
"dateReserved": "2013-01-30T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.477Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-2842 (GCVE-0-2014-2842)
Vulnerability from cvelistv5 – Published: 2014-04-15 14:00 – Updated: 2024-08-06 10:28
VLAI?
EPSS
Summary
Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:28:46.222Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#480428",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/480428"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10624"
},
{
"name": "66802",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66802"
},
{
"name": "57910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57910"
},
{
"name": "1030564",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030564"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-07-16T19:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#480428",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/480428"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10624"
},
{
"name": "66802",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66802"
},
{
"name": "57910",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57910"
},
{
"name": "1030564",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030564"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2842",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Juniper ScreenOS 6.3 and earlier allows remote attackers to cause a denial of service (crash and restart or failover) via a malformed SSL/TLS packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#480428",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/480428"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10624",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10624"
},
{
"name": "66802",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66802"
},
{
"name": "57910",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57910"
},
{
"name": "1030564",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030564"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2842",
"datePublished": "2014-04-15T14:00:00",
"dateReserved": "2014-04-10T00:00:00",
"dateUpdated": "2024-08-06T10:28:46.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2376 (GCVE-0-2013-2376)
Vulnerability from cvelistv5 – Published: 2013-04-17 14:00 – Updated: 2024-08-06 15:36
VLAI?
EPSS
Summary
Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.162Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-14T14:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-2376",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Stored Procedure."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-2376",
"datePublished": "2013-04-17T14:00:00",
"dateReserved": "2013-03-05T00:00:00",
"dateUpdated": "2024-08-06T15:36:46.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3808 (GCVE-0-2013-3808)
Vulnerability from cvelistv5 – Published: 2013-07-17 10:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:01.050Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95330",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95330"
},
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "oracle-cpujuly2013-cve20133808(85717)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85717"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "95330",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95330"
},
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "oracle-cpujuly2013-cve20133808(85717)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85717"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3808",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95330",
"refsource": "OSVDB",
"url": "http://osvdb.org/95330"
},
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "openSUSE-SU-2013:1335",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "oracle-cpujuly2013-cve20133808(85717)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85717"
},
{
"name": "SUSE-SU-2013:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3808",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:01.050Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3412 (GCVE-0-2014-3412)
Vulnerability from cvelistv5 – Published: 2014-05-20 14:00 – Updated: 2024-08-06 10:43
VLAI?
EPSS
Summary
Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.515Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "67454",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67454"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"name": "1030254",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030254"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-20T12:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "67454",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67454"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"name": "1030254",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030254"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3412",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Juniper Junos Space before 13.3R1.8, when the firewall in disabled, allows remote attackers to execute arbitrary commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67454",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67454"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10626"
},
{
"name": "1030254",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030254"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3412",
"datePublished": "2014-05-20T14:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3812 (GCVE-0-2013-3812)
Vulnerability from cvelistv5 – Published: 2013-07-17 10:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:00.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oracle-cpujuly2013-cve20133812(85723)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85723"
},
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95336",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95336"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "oracle-cpujuly2013-cve20133812(85723)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85723"
},
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95336",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95336"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3812",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Replication."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oracle-cpujuly2013-cve20133812(85723)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85723"
},
{
"name": "54300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95336",
"refsource": "OSVDB",
"url": "http://osvdb.org/95336"
},
{
"name": "openSUSE-SU-2013:1410",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3812",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:00.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1428 (GCVE-0-2010-1428)
Vulnerability from cvelistv5 – Published: 2010-04-28 22:00 – Updated: 2025-10-22 00:05
VLAI?
EPSS
Summary
The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method.
Severity ?
7.5 (High)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:19.108Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2010:0379",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0379.html"
},
{
"name": "RHSA-2010:0378",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0378.html"
},
{
"name": "jboss-webconsole-information-disclosure(58148)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58148"
},
{
"name": "HPSBMU02736",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132698550418872\u0026w=2"
},
{
"name": "RHSA-2010:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0376.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=585899"
},
{
"name": "RHSA-2010:0377",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0377.html"
},
{
"name": "SSRT100699",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132698550418872\u0026w=2"
},
{
"name": "ADV-2010-0992",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0992"
},
{
"name": "1023917",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023917"
},
{
"name": "39710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39710"
},
{
"name": "39563",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39563"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2010-1428",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:23:24.770044Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-05-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1428"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749 Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:52.450Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-1428"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-05-25T00:00:00+00:00",
"value": "CVE-2010-1428 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to obtain sensitive information via an unspecified request that uses a different method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2010:0379",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0379.html"
},
{
"name": "RHSA-2010:0378",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0378.html"
},
{
"name": "jboss-webconsole-information-disclosure(58148)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58148"
},
{
"name": "HPSBMU02736",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132698550418872\u0026w=2"
},
{
"name": "RHSA-2010:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0376.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=585899"
},
{
"name": "RHSA-2010:0377",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0377.html"
},
{
"name": "SSRT100699",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132698550418872\u0026w=2"
},
{
"name": "ADV-2010-0992",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0992"
},
{
"name": "1023917",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023917"
},
{
"name": "39710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39710"
},
{
"name": "39563",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39563"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-1428",
"datePublished": "2010-04-28T22:00:00.000Z",
"dateReserved": "2010-04-15T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:52.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3793 (GCVE-0-2013-3793)
Vulnerability from cvelistv5 – Published: 2013-07-17 10:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:01.047Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "oracle-cpujuly2013-cve20133793(85710)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85710"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "95323",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95323"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "61264",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61264"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "oracle-cpujuly2013-cve20133793(85710)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85710"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "95323",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95323"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "61264",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61264"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3793",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54300"
},
{
"name": "oracle-cpujuly2013-cve20133793(85710)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85710"
},
{
"name": "DSA-2818",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "95323",
"refsource": "OSVDB",
"url": "http://osvdb.org/95323"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "61264",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61264"
},
{
"name": "SUSE-SU-2013:1529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3793",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:01.047Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1557 (GCVE-0-2013-1557)
Vulnerability from cvelistv5 – Published: 2013-04-17 15:00 – Updated: 2024-08-06 15:04
VLAI?
EPSS
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "missing security restrictions" in the LogStream.setDefaultStream method.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.478Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2013:0835",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
},
{
"name": "oval:org.mitre.oval:def:19294",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19294"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html"
},
{
"name": "SUSE-SU-2013:0871",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
},
{
"name": "RHSA-2013:0758",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0758.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/76eb3fb80740"
},
{
"name": "APPLE-SA-2013-04-16-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html"
},
{
"name": "MDVSA-2013:145",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145"
},
{
"name": "oval:org.mitre.oval:def:19672",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19672"
},
{
"name": "TA13-107A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"name": "IV40772",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40772"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
},
{
"name": "SSRT101252",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952648"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT101305",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"name": "59170",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59170"
},
{
"name": "RHSA-2013:0757",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"name": "HPSBUX02922",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645566"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124"
},
{
"name": "openSUSE-SU-2013:0777",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
},
{
"name": "MDVSA-2013:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161"
},
{
"name": "openSUSE-SU-2013:0964",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
},
{
"name": "RHSA-2013:0752",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
},
{
"name": "USN-1806-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1806-1"
},
{
"name": "oval:org.mitre.oval:def:16688",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16688"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "SUSE-SU-2013:0814",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
},
{
"name": "SUSE-SU-2013:0934",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html"
},
{
"name": "HPSBUX02889",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"missing security restrictions\" in the LogStream.setDefaultStream method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2013:0835",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
},
{
"name": "oval:org.mitre.oval:def:19294",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19294"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html"
},
{
"name": "SUSE-SU-2013:0871",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
},
{
"name": "RHSA-2013:0758",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0758.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/76eb3fb80740"
},
{
"name": "APPLE-SA-2013-04-16-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html"
},
{
"name": "MDVSA-2013:145",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145"
},
{
"name": "oval:org.mitre.oval:def:19672",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19672"
},
{
"name": "TA13-107A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"name": "IV40772",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40772"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
},
{
"name": "SSRT101252",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952648"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT101305",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"name": "59170",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/59170"
},
{
"name": "RHSA-2013:0757",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"name": "HPSBUX02922",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645566"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124"
},
{
"name": "openSUSE-SU-2013:0777",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
},
{
"name": "MDVSA-2013:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161"
},
{
"name": "openSUSE-SU-2013:0964",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
},
{
"name": "RHSA-2013:0752",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
},
{
"name": "USN-1806-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1806-1"
},
{
"name": "oval:org.mitre.oval:def:16688",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16688"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "SUSE-SU-2013:0814",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
},
{
"name": "SUSE-SU-2013:0934",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html"
},
{
"name": "HPSBUX02889",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-1557",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"missing security restrictions\" in the LogStream.setDefaultStream method."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2013:0835",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
},
{
"name": "oval:org.mitre.oval:def:19294",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19294"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!",
"refsource": "MLIST",
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html"
},
{
"name": "SUSE-SU-2013:0871",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
},
{
"name": "RHSA-2013:0758",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0758.html"
},
{
"name": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/76eb3fb80740",
"refsource": "MISC",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/76eb3fb80740"
},
{
"name": "APPLE-SA-2013-04-16-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html"
},
{
"name": "MDVSA-2013:145",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145"
},
{
"name": "oval:org.mitre.oval:def:19672",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19672"
},
{
"name": "TA13-107A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"name": "IV40772",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV40772"
},
{
"name": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/",
"refsource": "CONFIRM",
"url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
},
{
"name": "SSRT101252",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=952648",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952648"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT101305",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"name": "59170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59170"
},
{
"name": "RHSA-2013:0757",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"name": "HPSBUX02922",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21645566",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645566"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124"
},
{
"name": "openSUSE-SU-2013:0777",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
},
{
"name": "MDVSA-2013:161",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161"
},
{
"name": "openSUSE-SU-2013:0964",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
},
{
"name": "RHSA-2013:0752",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
},
{
"name": "USN-1806-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1806-1"
},
{
"name": "oval:org.mitre.oval:def:16688",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16688"
},
{
"name": "RHSA-2013:1456",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "SUSE-SU-2013:0814",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"name": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/",
"refsource": "CONFIRM",
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
},
{
"name": "SUSE-SU-2013:0934",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html"
},
{
"name": "HPSBUX02889",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-1557",
"datePublished": "2013-04-17T15:00:00",
"dateReserved": "2013-01-30T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.478Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1429 (GCVE-0-2010-1429)
Vulnerability from cvelistv5 – Published: 2010-04-28 22:00 – Updated: 2024-08-07 01:21
VLAI?
EPSS
Summary
Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:19.049Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2010:0379",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0379.html"
},
{
"name": "RHSA-2010:0378",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0378.html"
},
{
"name": "HPSBMU02736",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132698550418872\u0026w=2"
},
{
"name": "RHSA-2010:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0376.html"
},
{
"name": "RHSA-2010:0377",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0377.html"
},
{
"name": "jboss-status-servlet-information-disclosure(58149)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58149"
},
{
"name": "SSRT100699",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132698550418872\u0026w=2"
},
{
"name": "ADV-2010-0992",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0992"
},
{
"name": "44009",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/44009/"
},
{
"name": "39710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39710"
},
{
"name": "39563",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39563"
},
{
"name": "1023918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023918"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=585900"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about \"deployed web contexts\" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-02-12T10:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2010:0379",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0379.html"
},
{
"name": "RHSA-2010:0378",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0378.html"
},
{
"name": "HPSBMU02736",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132698550418872\u0026w=2"
},
{
"name": "RHSA-2010:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0376.html"
},
{
"name": "RHSA-2010:0377",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0377.html"
},
{
"name": "jboss-status-servlet-information-disclosure(58149)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58149"
},
{
"name": "SSRT100699",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132698550418872\u0026w=2"
},
{
"name": "ADV-2010-0992",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0992"
},
{
"name": "44009",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/44009/"
},
{
"name": "39710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39710"
},
{
"name": "39563",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39563"
},
{
"name": "1023918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023918"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=585900"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-1429",
"datePublished": "2010-04-28T22:00:00",
"dateReserved": "2010-04-15T00:00:00",
"dateUpdated": "2024-08-07T01:21:19.049Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2389 (GCVE-0-2013-2389)
Vulnerability from cvelistv5 – Published: 2013-04-17 14:00 – Updated: 2024-08-06 15:36
VLAI?
EPSS
Summary
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-10T22:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-2389",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-2389",
"datePublished": "2013-04-17T14:00:00",
"dateReserved": "2013-03-05T00:00:00",
"dateUpdated": "2024-08-06T15:36:46.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0738 (GCVE-0-2010-0738)
Vulnerability from cvelistv5 – Published: 2010-04-28 22:00 – Updated: 2025-10-22 00:05
VLAI?
EPSS
Summary
The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application's GET handler by using a different method.
Severity ?
5.3 (Medium)
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:59:38.958Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2010:0379",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0379.html"
},
{
"name": "RHSA-2010:0378",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0378.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=574105"
},
{
"name": "RHSA-2010:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0376.html"
},
{
"name": "8408",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8408"
},
{
"name": "RHSA-2010:0377",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0377.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=35"
},
{
"name": "ADV-2010-0992",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0992"
},
{
"name": "HPSBMU02714",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132129312609324\u0026w=2"
},
{
"name": "jboss-jmxconsole-security-bypass(58147)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58147"
},
{
"name": "SSRT100244",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132129312609324\u0026w=2"
},
{
"name": "39710",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39710"
},
{
"name": "39563",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39563"
},
{
"name": "1023918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023918"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2010-0738",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T13:23:07.402575Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2022-05-25",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0738"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749 Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-22T00:05:52.604Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-0738"
}
],
"timeline": [
{
"lang": "en",
"time": "2022-05-25T00:00:00+00:00",
"value": "CVE-2010-0738 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 performs access control only for the GET and POST methods, which allows remote attackers to send requests to this application\u0027s GET handler by using a different method."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2010:0379",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0379.html"
},
{
"name": "RHSA-2010:0378",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0378.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=574105"
},
{
"name": "RHSA-2010:0376",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0376.html"
},
{
"name": "8408",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8408"
},
{
"name": "RHSA-2010:0377",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0377.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=35"
},
{
"name": "ADV-2010-0992",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0992"
},
{
"name": "HPSBMU02714",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132129312609324\u0026w=2"
},
{
"name": "jboss-jmxconsole-security-bypass(58147)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58147"
},
{
"name": "SSRT100244",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=132129312609324\u0026w=2"
},
{
"name": "39710",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39710"
},
{
"name": "39563",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39563"
},
{
"name": "1023918",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1023918"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2010-0738",
"datePublished": "2010-04-28T22:00:00.000Z",
"dateReserved": "2010-02-26T00:00:00.000Z",
"dateUpdated": "2025-10-22T00:05:52.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3805 (GCVE-0-2013-3805)
Vulnerability from cvelistv5 – Published: 2013-07-17 10:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:01.327Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95327",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95327"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-14T14:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95327",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95327"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Prepared Statements."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "SUSE-SU-2013:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95327",
"refsource": "OSVDB",
"url": "http://osvdb.org/95327"
},
{
"name": "openSUSE-SU-2013:1410",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3805",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:01.327Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3783 (GCVE-0-2013-3783)
Vulnerability from cvelistv5 – Published: 2013-07-17 10:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:00.912Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "61210",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61210"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "oracle-cpujuly2013-cve20133783(85719)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85719"
},
{
"name": "95332",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95332"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "61210",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61210"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "oracle-cpujuly2013-cve20133783(85719)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85719"
},
{
"name": "95332",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95332"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3783",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Parser."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "61210",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61210"
},
{
"name": "openSUSE-SU-2013:1410",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "oracle-cpujuly2013-cve20133783(85719)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85719"
},
{
"name": "95332",
"refsource": "OSVDB",
"url": "http://osvdb.org/95332"
},
{
"name": "SUSE-SU-2013:1529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3783",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:00.912Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3809 (GCVE-0-2013-3809)
Vulnerability from cvelistv5 – Published: 2013-07-17 10:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:01.305Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "95322",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95322"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "oracle-cpujuly2013-cve20133809(85709)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85709"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "95322",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95322"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "oracle-cpujuly2013-cve20133809(85709)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85709"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3809",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Audit Log."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "95322",
"refsource": "OSVDB",
"url": "http://osvdb.org/95322"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "oracle-cpujuly2013-cve20133809(85709)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85709"
},
{
"name": "SUSE-SU-2013:1529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3809",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:01.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3794 (GCVE-0-2013-3794)
Vulnerability from cvelistv5 – Published: 2013-07-17 10:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:00.650Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95333",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95333"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "61222",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61222"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-14T14:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95333",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95333"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "61222",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61222"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3794",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Partition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "SUSE-SU-2013:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95333",
"refsource": "OSVDB",
"url": "http://osvdb.org/95333"
},
{
"name": "openSUSE-SU-2013:1410",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "61222",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61222"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3794",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:00.650Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1862 (GCVE-0-2013-1862)
Vulnerability from cvelistv5 – Published: 2013-06-10 17:00 – Updated: 2024-08-06 15:20
VLAI?
EPSS
Summary
mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=953729"
},
{
"name": "oval:org.mitre.oval:def:18790",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790"
},
{
"name": "MDVSA-2013:174",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:174"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047"
},
{
"name": "SSRT101288",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "RHSA-2013:1209",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=r1469311"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch"
},
{
"name": "openSUSE-SU-2013:1340",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html"
},
{
"name": "RHSA-2013:0815",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0815.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT6150"
},
{
"name": "USN-1903-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1903-1"
},
{
"name": "HPSBUX02927",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "RHSA-2013:1207",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html"
},
{
"name": "59826",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59826"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"
},
{
"name": "RHSA-2013:1208",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html"
},
{
"name": "oval:org.mitre.oval:def:19534",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534"
},
{
"name": "20130822 Apache HTTP Server mod_rewrite Log File Manipulation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862"
},
{
"name": "openSUSE-SU-2013:1341",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "55032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55032"
},
{
"name": "openSUSE-SU-2013:1337",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-06T10:10:21",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=953729"
},
{
"name": "oval:org.mitre.oval:def:18790",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790"
},
{
"name": "MDVSA-2013:174",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:174"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047"
},
{
"name": "SSRT101288",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "RHSA-2013:1209",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=r1469311"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch"
},
{
"name": "openSUSE-SU-2013:1340",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html"
},
{
"name": "RHSA-2013:0815",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0815.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT6150"
},
{
"name": "USN-1903-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1903-1"
},
{
"name": "HPSBUX02927",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "RHSA-2013:1207",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html"
},
{
"name": "59826",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/59826"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"
},
{
"name": "RHSA-2013:1208",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html"
},
{
"name": "oval:org.mitre.oval:def:19534",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534"
},
{
"name": "20130822 Apache HTTP Server mod_rewrite Log File Manipulation Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862"
},
{
"name": "openSUSE-SU-2013:1341",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html"
},
{
"name": "64758",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "55032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55032"
},
{
"name": "openSUSE-SU-2013:1337",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-1862",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=953729",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=953729"
},
{
"name": "oval:org.mitre.oval:def:18790",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18790"
},
{
"name": "MDVSA-2013:174",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:174"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047"
},
{
"name": "SSRT101288",
"refsource": "HP",
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "RHSA-2013:1209",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html"
},
{
"name": "http://svn.apache.org/viewvc?view=revision\u0026revision=r1469311",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc?view=revision\u0026revision=r1469311"
},
{
"name": "http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch",
"refsource": "CONFIRM",
"url": "http://people.apache.org/~jorton/mod_rewrite-CVE-2013-1862.patch"
},
{
"name": "openSUSE-SU-2013:1340",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html"
},
{
"name": "RHSA-2013:0815",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0815.html"
},
{
"name": "http://support.apple.com/kb/HT6150",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT6150"
},
{
"name": "USN-1903-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1903-1"
},
{
"name": "HPSBUX02927",
"refsource": "HP",
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "RHSA-2013:1207",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html"
},
{
"name": "59826",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59826"
},
{
"name": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html",
"refsource": "CONFIRM",
"url": "http://www.fujitsu.com/global/support/software/security/products-f/interstage-201303e.html"
},
{
"name": "RHSA-2013:1208",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html"
},
{
"name": "oval:org.mitre.oval:def:19534",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19534"
},
{
"name": "20130822 Apache HTTP Server mod_rewrite Log File Manipulation Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1862"
},
{
"name": "openSUSE-SU-2013:1341",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html"
},
{
"name": "64758",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64758"
},
{
"name": "55032",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55032"
},
{
"name": "openSUSE-SU-2013:1337",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [1/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r5f9c22f9c28adbd9f00556059edc7b03a5d5bb71d4bb80257c0d34e4@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [1/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rb9c9f42dafa25d2f669dac2a536a03f2575bc5ec1be6f480618aee10@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1862",
"datePublished": "2013-06-10T17:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:20:37.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3839 (GCVE-0-2013-3839)
Vulnerability from cvelistv5 – Published: 2013-10-16 15:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:01.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-2780",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2780"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "RHSA-2014:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0186.html"
},
{
"name": "MDVSA-2013:250",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:250"
},
{
"name": "55291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55291"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "USN-2006-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2006-1"
},
{
"name": "RHSA-2014:0173",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0173.html"
},
{
"name": "RHSA-2014:0189",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0189.html"
},
{
"name": "1029184",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029184"
},
{
"name": "63109",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/63109"
},
{
"name": "GLSA-201409-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-10-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-04T17:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "DSA-2780",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2780"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "RHSA-2014:0186",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0186.html"
},
{
"name": "MDVSA-2013:250",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:250"
},
{
"name": "55291",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55291"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "USN-2006-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2006-1"
},
{
"name": "RHSA-2014:0173",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0173.html"
},
{
"name": "RHSA-2014:0189",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0189.html"
},
{
"name": "1029184",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029184"
},
{
"name": "63109",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/63109"
},
{
"name": "GLSA-201409-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-2780",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2780"
},
{
"name": "DSA-2818",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "RHSA-2014:0186",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0186.html"
},
{
"name": "MDVSA-2013:250",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:250"
},
{
"name": "55291",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/55291"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "USN-2006-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2006-1"
},
{
"name": "RHSA-2014:0173",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0173.html"
},
{
"name": "RHSA-2014:0189",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0189.html"
},
{
"name": "1029184",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029184"
},
{
"name": "63109",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/63109"
},
{
"name": "GLSA-201409-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201409-04.xml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3839",
"datePublished": "2013-10-16T15:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:01.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1544 (GCVE-0-2013-1544)
Vulnerability from cvelistv5 – Published: 2013-04-17 12:10 – Updated: 2024-08-06 15:04
VLAI?
EPSS
Summary
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.294Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-10T22:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-1544",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-1544",
"datePublished": "2013-04-17T12:10:00",
"dateReserved": "2013-01-30T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.294Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1896 (GCVE-0-2013-1896)
Vulnerability from cvelistv5 – Published: 2013-07-10 20:00 – Updated: 2024-08-06 15:20
VLAI?
EPSS
Summary
mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:20:37.089Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047"
},
{
"name": "SSRT101288",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "RHSA-2013:1209",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html"
},
{
"name": "oval:org.mitre.oval:def:18835",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522\u0026r2=1485668\u0026diff_format=h"
},
{
"name": "openSUSE-SU-2013:1340",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html"
},
{
"name": "oval:org.mitre.oval:def:19747",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT6150"
},
{
"name": "RHSA-2013:1156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1156.html"
},
{
"name": "USN-1903-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1903-1"
},
{
"name": "HPSBUX02927",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "RHSA-2013:1207",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html"
},
{
"name": "61129",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61129"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"name": "RHSA-2013:1208",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html"
},
{
"name": "20130822 Apache HTTP Server MERGE Request Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "openSUSE-SU-2013:1341",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html"
},
{
"name": "55032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/55032"
},
{
"name": "openSUSE-SU-2013:1337",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "mod_dav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service (segmentation fault) via a MERGE request in which the URI is configured for handling by the mod_dav_svn module, but a certain href attribute in XML data refers to a non-DAV URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-06T10:11:58",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?view=log"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644047"
},
{
"name": "SSRT101288",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "RHSA-2013:1209",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1209.html"
},
{
"name": "oval:org.mitre.oval:def:18835",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18835"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/dav/main/mod_dav.c?r1=1482522\u0026r2=1485668\u0026diff_format=h"
},
{
"name": "openSUSE-SU-2013:1340",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00029.html"
},
{
"name": "oval:org.mitre.oval:def:19747",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19747"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT6150"
},
{
"name": "RHSA-2013:1156",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1156.html"
},
{
"name": "USN-1903-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1903-1"
},
{
"name": "HPSBUX02927",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay\u0026spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03922406-1%257CdocLocale%253D%257CcalledBy%253D\u0026javax.portlet.begCacheTok=com.vignette.cachetoken\u0026javax.portlet.endCacheTok=com.vignette.cachetoken"
},
{
"name": "RHSA-2013:1207",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1207.html"
},
{
"name": "61129",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61129"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
},
{
"name": "RHSA-2013:1208",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1208.html"
},
{
"name": "20130822 Apache HTTP Server MERGE Request Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1896"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"name": "openSUSE-SU-2013:1341",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00030.html"
},
{
"name": "55032",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/55032"
},
{
"name": "openSUSE-SU-2013:1337",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00026.html"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [8/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9b4b963760a3cb5a4a70c902f325c6c0337fe51d5b8570416f8f8729%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [8/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r05b5357d1f6bd106f41541ee7d87aafe3f5ea4dc3e9bde5ce09baff8%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [9/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9821b0a32a1d0a1b4947abb6f3630053fcbb2ec905d9a32c2bd4d4ee%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210603 svn commit: r1075360 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rad01d817195e6cc871cb1d73b207ca326379a20a6e7f30febaf56d24%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075467 [2/2] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2021-31618.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r476d175be0aaf4a17680ef98c5153b4d336eaef76fb2224cc94c463a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-1896",
"datePublished": "2013-07-10T20:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:20:37.089Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1502 (GCVE-0-2013-1502)
Vulnerability from cvelistv5 – Published: 2013-04-17 05:04 – Updated: 2024-08-06 15:04
VLAI?
EPSS
Summary
Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:48.892Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-14T14:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-1502",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.9 and earlier allows local users to affect availability via unknown vectors related to Server Partition."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-1502",
"datePublished": "2013-04-17T05:04:00",
"dateReserved": "2013-01-30T00:00:00",
"dateUpdated": "2024-08-06T15:04:48.892Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2392 (GCVE-0-2013-2392)
Vulnerability from cvelistv5 – Published: 2013-04-17 14:00 – Updated: 2024-08-06 15:36
VLAI?
EPSS
Summary
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.264Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-10T22:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-2392",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-2392",
"datePublished": "2013-04-17T14:00:00",
"dateReserved": "2013-03-05T00:00:00",
"dateUpdated": "2024-08-06T15:36:46.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3411 (GCVE-0-2014-3411)
Vulnerability from cvelistv5 – Published: 2014-05-19 14:00 – Updated: 2024-08-06 10:43
VLAI?
EPSS
Summary
Unspecified vulnerability in the NSM XDB service in Juniper NSM before 2012.2R8 allows remote attackers to execute arbitrary code via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.463Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "58684",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/58684"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10625"
},
{
"name": "1030253",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1030253"
},
{
"name": "67445",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67445"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the NSM XDB service in Juniper NSM before 2012.2R8 allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-01-04T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "58684",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/58684"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10625"
},
{
"name": "1030253",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1030253"
},
{
"name": "67445",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67445"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3411",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the NSM XDB service in Juniper NSM before 2012.2R8 allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "58684",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/58684"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10625",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10625"
},
{
"name": "1030253",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1030253"
},
{
"name": "67445",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67445"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3411",
"datePublished": "2014-05-19T14:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.463Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3143 (GCVE-0-2012-3143)
Vulnerability from cvelistv5 – Published: 2012-10-16 21:29 – Updated: 2024-08-06 19:57
VLAI?
EPSS
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-5089.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:57:49.988Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2012:1398",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html"
},
{
"name": "RHSA-2012:1466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"name": "51315",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51315"
},
{
"name": "51438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51438"
},
{
"name": "51141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51141"
},
{
"name": "SSRT101043",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135758563611658\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "56055",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/56055"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "RHSA-2012:1391",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
},
{
"name": "HPSBOV02833",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135758563611658\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:16686",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16686"
},
{
"name": "51390",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51390"
},
{
"name": "RHSA-2012:1392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1392.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"name": "SUSE-SU-2012:1489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html"
},
{
"name": "SUSE-SU-2012:1595",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51327"
},
{
"name": "RHSA-2012:1467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "RHSA-2012:1465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"name": "51328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51328"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620575"
},
{
"name": "SSRT101042",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135542848327757\u0026w=2"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
},
{
"name": "51326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51326"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"name": "javaruntimeenvironment-jmx-cve20123143(79419)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79419"
},
{
"name": "HPSBUX02832",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135542848327757\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-5089."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2012:1398",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html"
},
{
"name": "RHSA-2012:1466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"name": "51315",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51315"
},
{
"name": "51438",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51438"
},
{
"name": "51141",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51141"
},
{
"name": "SSRT101043",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135758563611658\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "56055",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/56055"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "RHSA-2012:1391",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
},
{
"name": "HPSBOV02833",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135758563611658\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:16686",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16686"
},
{
"name": "51390",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51390"
},
{
"name": "RHSA-2012:1392",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1392.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"name": "SUSE-SU-2012:1489",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html"
},
{
"name": "SUSE-SU-2012:1595",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51327"
},
{
"name": "RHSA-2012:1467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "RHSA-2012:1465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"name": "51328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51328"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620575"
},
{
"name": "SSRT101042",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135542848327757\u0026w=2"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
},
{
"name": "51326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51326"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"name": "javaruntimeenvironment-jmx-cve20123143(79419)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79419"
},
{
"name": "HPSBUX02832",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=135542848327757\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2012-3143",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 7 and earlier, 6 Update 35 and earlier, and 5.0 Update 36 and earlier allows remote attackers to affect confidentiality, integrity, and availability, related to JMX, a different vulnerability than CVE-2012-5089."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2012:1398",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00016.html"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-023/index.html"
},
{
"name": "RHSA-2012:1466",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"name": "51315",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51315"
},
{
"name": "51438",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51438"
},
{
"name": "51141",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51141"
},
{
"name": "SSRT101043",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=135758563611658\u0026w=2"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "56055",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/56055"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "RHSA-2012:1391",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1391.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620037"
},
{
"name": "HPSBOV02833",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=135758563611658\u0026w=2"
},
{
"name": "oval:org.mitre.oval:def:16686",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16686"
},
{
"name": "51390",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51390"
},
{
"name": "RHSA-2012:1392",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1392.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"name": "SUSE-SU-2012:1489",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00010.html"
},
{
"name": "SUSE-SU-2012:1595",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00022.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51327"
},
{
"name": "RHSA-2012:1467",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "RHSA-2012:1465",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"name": "51328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51328"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21620575",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21620575"
},
{
"name": "SSRT101042",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=135542848327757\u0026w=2"
},
{
"name": "RHSA-2013:1456",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html"
},
{
"name": "51326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51326"
},
{
"name": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf",
"refsource": "CONFIRM",
"url": "http://www.xerox.com/download/security/security-bulletin/16287-4d6b7b0c81f7b/cert_XRX13-003_v1.0.pdf"
},
{
"name": "javaruntimeenvironment-jmx-cve20123143(79419)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/79419"
},
{
"name": "HPSBUX02832",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=135542848327757\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2012-3143",
"datePublished": "2012-10-16T21:29:00",
"dateReserved": "2012-06-06T00:00:00",
"dateUpdated": "2024-08-06T19:57:49.988Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2422 (GCVE-0-2013-2422)
Vulnerability from cvelistv5 – Published: 2013-04-17 15:00 – Updated: 2024-08-06 15:36
VLAI?
EPSS
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.483Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2013:0835",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
},
{
"name": "oval:org.mitre.oval:def:19087",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19087"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952642"
},
{
"name": "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html"
},
{
"name": "SUSE-SU-2013:0871",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
},
{
"name": "RHSA-2013:0758",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0758.html"
},
{
"name": "APPLE-SA-2013-04-16-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html"
},
{
"name": "MDVSA-2013:145",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145"
},
{
"name": "TA13-107A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
},
{
"name": "SSRT101252",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "RHSA-2013:0757",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124"
},
{
"name": "openSUSE-SU-2013:0777",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
},
{
"name": "MDVSA-2013:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161"
},
{
"name": "openSUSE-SU-2013:0964",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
},
{
"name": "RHSA-2013:0752",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
},
{
"name": "USN-1806-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1806-1"
},
{
"name": "59228",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59228"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2899c3dbf5e8"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "oval:org.mitre.oval:def:16561",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16561"
},
{
"name": "SUSE-SU-2013:0814",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
},
{
"name": "HPSBUX02889",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2013:0835",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
},
{
"name": "oval:org.mitre.oval:def:19087",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19087"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952642"
},
{
"name": "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html"
},
{
"name": "SUSE-SU-2013:0871",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
},
{
"name": "RHSA-2013:0758",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0758.html"
},
{
"name": "APPLE-SA-2013-04-16-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html"
},
{
"name": "MDVSA-2013:145",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145"
},
{
"name": "TA13-107A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
},
{
"name": "SSRT101252",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "RHSA-2013:0757",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124"
},
{
"name": "openSUSE-SU-2013:0777",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
},
{
"name": "MDVSA-2013:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161"
},
{
"name": "openSUSE-SU-2013:0964",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
},
{
"name": "RHSA-2013:0752",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
},
{
"name": "USN-1806-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1806-1"
},
{
"name": "59228",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/59228"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2899c3dbf5e8"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "oval:org.mitre.oval:def:16561",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16561"
},
{
"name": "SUSE-SU-2013:0814",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
},
{
"name": "HPSBUX02889",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-2422",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper method-invocation restrictions by the MethodUtil trampoline class, which allows remote attackers to bypass the Java sandbox."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2013:0835",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
},
{
"name": "oval:org.mitre.oval:def:19087",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19087"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=952642",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952642"
},
{
"name": "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!",
"refsource": "MLIST",
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html"
},
{
"name": "SUSE-SU-2013:0871",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
},
{
"name": "RHSA-2013:0758",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0758.html"
},
{
"name": "APPLE-SA-2013-04-16-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html"
},
{
"name": "MDVSA-2013:145",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145"
},
{
"name": "TA13-107A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"name": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/",
"refsource": "CONFIRM",
"url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
},
{
"name": "SSRT101252",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "RHSA-2013:0757",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124"
},
{
"name": "openSUSE-SU-2013:0777",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
},
{
"name": "MDVSA-2013:161",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161"
},
{
"name": "openSUSE-SU-2013:0964",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
},
{
"name": "RHSA-2013:0752",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
},
{
"name": "USN-1806-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1806-1"
},
{
"name": "59228",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59228"
},
{
"name": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2899c3dbf5e8",
"refsource": "MISC",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2899c3dbf5e8"
},
{
"name": "RHSA-2013:1456",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "oval:org.mitre.oval:def:16561",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16561"
},
{
"name": "SUSE-SU-2013:0814",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"name": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/",
"refsource": "CONFIRM",
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
},
{
"name": "HPSBUX02889",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-2422",
"datePublished": "2013-04-17T15:00:00",
"dateReserved": "2013-03-05T00:00:00",
"dateUpdated": "2024-08-06T15:36:46.483Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3801 (GCVE-0-2013-3801)
Vulnerability from cvelistv5 – Published: 2013-07-17 10:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:00.966Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "61269",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61269"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95331",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95331"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-14T14:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "61269",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61269"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95331",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95331"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3801",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "openSUSE-SU-2013:1335",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "61269",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61269"
},
{
"name": "SUSE-SU-2013:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "95331",
"refsource": "OSVDB",
"url": "http://osvdb.org/95331"
},
{
"name": "openSUSE-SU-2013:1410",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3801",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:00.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1537 (GCVE-0-2013-1537)
Vulnerability from cvelistv5 – Published: 2013-04-17 15:00 – Updated: 2024-08-06 15:04
VLAI?
EPSS
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform "dynamic class downloading" and execute arbitrary code.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.454Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2013:0835",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/java/javase/7u21-relnotes-1932873.html#rmichanges"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html"
},
{
"name": "SUSE-SU-2013:0871",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
},
{
"name": "RHSA-2013:0758",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0758.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security-explorations.com/en/SE-2012-01-details.html"
},
{
"name": "APPLE-SA-2013-04-16-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html"
},
{
"name": "MDVSA-2013:145",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145"
},
{
"name": "TA13-107A",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
},
{
"name": "SSRT101252",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/096ed306159f"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT101305",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"name": "RHSA-2013:0757",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"name": "HPSBUX02922",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"name": "oval:org.mitre.oval:def:16578",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16578"
},
{
"name": "oval:org.mitre.oval:def:19385",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19385"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124"
},
{
"name": "oval:org.mitre.oval:def:19550",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19550"
},
{
"name": "openSUSE-SU-2013:0777",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
},
{
"name": "MDVSA-2013:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161"
},
{
"name": "59194",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/59194"
},
{
"name": "openSUSE-SU-2013:0964",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
},
{
"name": "RHSA-2013:0752",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952387"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/f098e2297ff1"
},
{
"name": "USN-1806-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1806-1"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "20130205 Re: [SE-2012-01] Details of issues fixed by Feb\t2013 Java SE CPU",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/18"
},
{
"name": "SUSE-SU-2013:0814",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
},
{
"name": "SUSE-SU-2013:0934",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html"
},
{
"name": "HPSBUX02889",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform \"dynamic class downloading\" and execute arbitrary code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "SUSE-SU-2013:0835",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.oracle.com/technetwork/java/javase/7u21-relnotes-1932873.html#rmichanges"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html"
},
{
"name": "SUSE-SU-2013:0871",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
},
{
"name": "RHSA-2013:0758",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0758.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security-explorations.com/en/SE-2012-01-details.html"
},
{
"name": "APPLE-SA-2013-04-16-2",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html"
},
{
"name": "MDVSA-2013:145",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145"
},
{
"name": "TA13-107A",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
},
{
"name": "SSRT101252",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/096ed306159f"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT101305",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"name": "RHSA-2013:0757",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"name": "HPSBUX02922",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"name": "oval:org.mitre.oval:def:16578",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16578"
},
{
"name": "oval:org.mitre.oval:def:19385",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19385"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124"
},
{
"name": "oval:org.mitre.oval:def:19550",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19550"
},
{
"name": "openSUSE-SU-2013:0777",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
},
{
"name": "MDVSA-2013:161",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161"
},
{
"name": "59194",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/59194"
},
{
"name": "openSUSE-SU-2013:0964",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
},
{
"name": "RHSA-2013:0752",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952387"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/f098e2297ff1"
},
{
"name": "USN-1806-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1806-1"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "20130205 Re: [SE-2012-01] Details of issues fixed by Feb\t2013 Java SE CPU",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2013/Feb/18"
},
{
"name": "SUSE-SU-2013:0814",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
},
{
"name": "SUSE-SU-2013:0934",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html"
},
{
"name": "HPSBUX02889",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-1537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the default java.rmi.server.useCodebaseOnly setting of false, which allows remote attackers to perform \"dynamic class downloading\" and execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2013:0835",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html"
},
{
"name": "http://www.oracle.com/technetwork/java/javase/7u21-relnotes-1932873.html#rmichanges",
"refsource": "MISC",
"url": "http://www.oracle.com/technetwork/java/javase/7u21-relnotes-1932873.html#rmichanges"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!",
"refsource": "MLIST",
"url": "http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html"
},
{
"name": "SUSE-SU-2013:0871",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html"
},
{
"name": "RHSA-2013:0758",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0758.html"
},
{
"name": "http://www.security-explorations.com/en/SE-2012-01-details.html",
"refsource": "MISC",
"url": "http://www.security-explorations.com/en/SE-2012-01-details.html"
},
{
"name": "APPLE-SA-2013-04-16-2",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html"
},
{
"name": "MDVSA-2013:145",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:145"
},
{
"name": "TA13-107A",
"refsource": "CERT",
"url": "http://www.us-cert.gov/ncas/alerts/TA13-107A"
},
{
"name": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/",
"refsource": "CONFIRM",
"url": "http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/"
},
{
"name": "SSRT101252",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130"
},
{
"name": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/096ed306159f",
"refsource": "CONFIRM",
"url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/096ed306159f"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "SSRT101305",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"name": "RHSA-2013:0757",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0757.html"
},
{
"name": "HPSBUX02922",
"refsource": "HP",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880"
},
{
"name": "oval:org.mitre.oval:def:16578",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16578"
},
{
"name": "oval:org.mitre.oval:def:19385",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19385"
},
{
"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124",
"refsource": "CONFIRM",
"url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124"
},
{
"name": "oval:org.mitre.oval:def:19550",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19550"
},
{
"name": "openSUSE-SU-2013:0777",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html"
},
{
"name": "MDVSA-2013:161",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:161"
},
{
"name": "59194",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/59194"
},
{
"name": "openSUSE-SU-2013:0964",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html"
},
{
"name": "RHSA-2013:0752",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0752.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=952387",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=952387"
},
{
"name": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/f098e2297ff1",
"refsource": "CONFIRM",
"url": "http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/f098e2297ff1"
},
{
"name": "USN-1806-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1806-1"
},
{
"name": "RHSA-2013:1456",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "20130205 Re: [SE-2012-01] Details of issues fixed by Feb\t2013 Java SE CPU",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2013/Feb/18"
},
{
"name": "SUSE-SU-2013:0814",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html"
},
{
"name": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/",
"refsource": "CONFIRM",
"url": "http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/"
},
{
"name": "SUSE-SU-2013:0934",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html"
},
{
"name": "HPSBUX02889",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=137283787217316\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-1537",
"datePublished": "2013-04-17T15:00:00",
"dateReserved": "2013-01-30T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2391 (GCVE-0-2013-2391)
Vulnerability from cvelistv5 – Published: 2013-04-17 14:00 – Updated: 2024-08-06 15:36
VLAI?
EPSS
Summary
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.443Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-10T22:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-2391",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows local users to affect confidentiality and integrity via unknown vectors related to Server Install."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-2391",
"datePublished": "2013-04-17T14:00:00",
"dateReserved": "2013-03-05T00:00:00",
"dateUpdated": "2024-08-06T15:36:46.443Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3804 (GCVE-0-2013-3804)
Vulnerability from cvelistv5 – Published: 2013-07-17 10:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:00.907Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95328",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95328"
},
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "oracle-cpujuly2013-cve20133804(85715)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85715"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "95328",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95328"
},
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "oracle-cpujuly2013-cve20133804(85715)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85715"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3804",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95328",
"refsource": "OSVDB",
"url": "http://osvdb.org/95328"
},
{
"name": "54300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "openSUSE-SU-2013:1335",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "oracle-cpujuly2013-cve20133804(85715)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85715"
},
{
"name": "openSUSE-SU-2013:1410",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "SUSE-SU-2013:1529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3804",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:00.907Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3802 (GCVE-0-2013-3802)
Vulnerability from cvelistv5 – Published: 2013-07-17 10:00 – Updated: 2024-08-06 16:22
VLAI?
EPSS
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:22:00.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "oracle-cpujuly2013-cve20133802(85712)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85712"
},
{
"name": "95325",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/95325"
},
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "61244",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61244"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "54300",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "oracle-cpujuly2013-cve20133802(85712)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85712"
},
{
"name": "95325",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/95325"
},
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "openSUSE-SU-2013:1335",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "61244",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61244"
},
{
"name": "SUSE-SU-2013:1529",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-3802",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.69 and earlier, 5.5.31 and earlier, and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Full Text Search."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "54300",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54300"
},
{
"name": "DSA-2818",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2818"
},
{
"name": "oracle-cpujuly2013-cve20133802(85712)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85712"
},
{
"name": "95325",
"refsource": "OSVDB",
"url": "http://osvdb.org/95325"
},
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "openSUSE-SU-2013:1335",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"
},
{
"name": "USN-1909-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-1909-1"
},
{
"name": "SUSE-SU-2013:1390",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"
},
{
"name": "openSUSE-SU-2013:1410",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"
},
{
"name": "61244",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61244"
},
{
"name": "SUSE-SU-2013:1529",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-3802",
"datePublished": "2013-07-17T10:00:00",
"dateReserved": "2013-06-03T00:00:00",
"dateUpdated": "2024-08-06T16:22:00.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-1511 (GCVE-0-2013-1511)
Vulnerability from cvelistv5 – Published: 2013-04-17 05:04 – Updated: 2024-08-06 15:04
VLAI?
EPSS
Summary
Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:04:49.067Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-14T14:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-1511",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.5.30 and earlier and 5.6.10 and earlier allows remote authenticated users to affect availability via unknown vectors related to InnoDB."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-1511",
"datePublished": "2013-04-17T05:04:00",
"dateReserved": "2013-01-30T00:00:00",
"dateUpdated": "2024-08-06T15:04:49.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3413 (GCVE-0-2014-3413)
Vulnerability from cvelistv5 – Published: 2018-04-05 17:00 – Updated: 2024-08-06 10:43
VLAI?
EPSS
Summary
The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:43:05.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2014-01"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10627"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-05T16:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2014-01"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10627"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-3413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2014-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2014-01"
},
{
"name": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10627",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10627"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-3413",
"datePublished": "2018-04-05T17:00:00",
"dateReserved": "2014-05-07T00:00:00",
"dateUpdated": "2024-08-06T10:43:05.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-2375 (GCVE-0-2013-2375)
Vulnerability from cvelistv5 – Published: 2013-04-17 14:00 – Updated: 2024-08-06 15:36
VLAI?
EPSS
Summary
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:36:46.161Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-10T22:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "53372",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2013-2375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "53372",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53372"
},
{
"name": "GLSA-201308-06",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
},
{
"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html"
},
{
"name": "RHSA-2013:0772",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0772.html"
},
{
"name": "MDVSA-2013:150",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2013-2375",
"datePublished": "2013-04-17T14:00:00",
"dateReserved": "2013-03-05T00:00:00",
"dateUpdated": "2024-08-06T15:36:46.161Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…