FKIE_CVE-2013-2462
Vulnerability from fkie_nvd - Published: 2013-06-18 22:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | jre | * | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jdk | * | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.7.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update21:*:*:*:*:*:*",
"matchCriteriaId": "42F9C9BD-C6F4-4E9B-B5BE-A776259B5A3F",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update21:*:*:*:*:*:*",
"matchCriteriaId": "E84798AA-D2D0-49C7-BB4D-A331E5FDCF49",
"versionEndIncluding": "1.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
"matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 21 y anteriores permite a atacantes remotos afectar a la integridad, confidencialidad y disponibilidad mediante vectores relacionados con Deployment."
}
],
"evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html\r\n\r\n\u0027Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.\u0027",
"id": "CVE-2013-2462",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-06-18T22:55:02.747",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/54154"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17257"
},
{
"source": "secalert_us@oracle.com",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19378"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=137545505800971\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0963.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/54154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.us-cert.gov/ncas/alerts/TA13-169A"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19378"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…