FKIE_CVE-2013-4578

Vulnerability from fkie_nvd - Published: 2017-12-29 22:29 - Updated: 2025-04-20 01:37
Severity ?
5.3 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Summary
jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.
References
secalert@redhat.comhttp://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d5f36e1c927ePatch, Vendor Advisory
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2015/02/08/6Mailing List, Third Party Advisory
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2015/02/09/9Mailing List, Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2014:0414Patch, Third Party Advisory, VDB Entry
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=1031471Issue Tracking, Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d5f36e1c927ePatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2015/02/08/6Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2015/02/09/9Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2014:0414Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=1031471Issue Tracking, Patch, Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jdk 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jre 1.7.0
oracle jdk *
oracle jre *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10_b31:*:*:*:*:*:*",
              "matchCriteriaId": "961EA7A1-1D15-4593-8045-4488225A35B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11_b32:*:*:*:*:*:*",
              "matchCriteriaId": "E03D6E3B-7BC1-4968-8190-3EE383B581A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17_b31:*:*:*:*:*:*",
              "matchCriteriaId": "D9ED7306-CB1F-4E50-9C5C-E1746F1E5D12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17_b32:*:*:*:*:*:*",
              "matchCriteriaId": "F2D5B1D3-0D27-41A7-B4F9-3788272E1DEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21_b31:*:*:*:*:*:*",
              "matchCriteriaId": "29E8513E-09C8-4679-A84D-7DD50093E5B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25_b33:*:*:*:*:*:*",
              "matchCriteriaId": "4AE3DEB6-A368-4BFA-AA8B-2D5AEF812199",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25_b34:*:*:*:*:*:*",
              "matchCriteriaId": "2A291196-FA04-4897-B2B0-E078C51E8C14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25_b35:*:*:*:*:*:*",
              "matchCriteriaId": "FD014E94-E45B-4DCD-B345-12DDD59F358C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update40:*:*:*:*:*:*",
              "matchCriteriaId": "220536FA-695D-4DE8-9813-494E3D061B78",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45:*:*:*:*:*:*",
              "matchCriteriaId": "45B89CBB-BF1F-4887-BD28-6D6FB77AD18A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45_b31:*:*:*:*:*:*",
              "matchCriteriaId": "8288A04E-B4C0-499D-B5F0-E93B99C76DE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45_b32:*:*:*:*:*:*",
              "matchCriteriaId": "55AA22EE-0B24-4768-B8D3-89A8065454EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45_b33:*:*:*:*:*:*",
              "matchCriteriaId": "DC399FA2-1B97-42D5-980B-20ED438A09EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update45_b34:*:*:*:*:*:*",
              "matchCriteriaId": "218A03B4-9443-4312-A63A-F1BE0682868D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*",
              "matchCriteriaId": "3343969B-2926-4C55-8787-792ABF6429D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7_b32:*:*:*:*:*:*",
              "matchCriteriaId": "270DE3F5-C51F-4E62-B532-7773BCF8CC7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9_b31:*:*:*:*:*:*",
              "matchCriteriaId": "5ED1BA76-BCA4-483F-B238-39FA792984BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9_b32:*:*:*:*:*:*",
              "matchCriteriaId": "D450D249-DD3B-435F-B006-C44A215A3DC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
              "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
              "matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10_b31:*:*:*:*:*:*",
              "matchCriteriaId": "61B7A9E2-14BE-40E3-AF51-1BA6FC612170",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
              "matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11_b32:*:*:*:*:*:*",
              "matchCriteriaId": "2438C775-5722-4AE6-98A8-354ABB6E0744",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
              "matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
              "matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
              "matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17_b31:*:*:*:*:*:*",
              "matchCriteriaId": "B0228195-41B4-4145-B8A4-7B974456ABA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17_b32:*:*:*:*:*:*",
              "matchCriteriaId": "44F8FB6D-3602-4263-9814-CCB64B8D1926",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
              "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
              "matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21_b31:*:*:*:*:*:*",
              "matchCriteriaId": "2D3257E5-17DB-4E02-9A8E-DD0E4D4339DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
              "matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b33:*:*:*:*:*:*",
              "matchCriteriaId": "3391456D-86B0-457B-83BB-4C74DA0ED634",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b34:*:*:*:*:*:*",
              "matchCriteriaId": "AA88EAC0-FD2D-4B38-8944-D4B6C3BD6FE7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25_b35:*:*:*:*:*:*",
              "matchCriteriaId": "C12DF03E-6E61-41DF-A283-D16AB356B6A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
              "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
              "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update40:*:*:*:*:*:*",
              "matchCriteriaId": "7CB654DC-1D3D-4475-8815-335AC573F54C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update45:*:*:*:*:*:*",
              "matchCriteriaId": "A5226952-1972-4572-9F8C-C90D89040FD3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update45_b31:*:*:*:*:*:*",
              "matchCriteriaId": "420E7D70-E1D0-4B0F-B425-921012A4C535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update45_b32:*:*:*:*:*:*",
              "matchCriteriaId": "019B216D-9A0F-4614-9D60-7EFB087800D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update45_b33:*:*:*:*:*:*",
              "matchCriteriaId": "4E9ACBA1-B1AA-41D7-A4FF-7ACEBB77AE4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update45_b34:*:*:*:*:*:*",
              "matchCriteriaId": "26C2D713-5050-4ADC-9F20-DB90FFD5E646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
              "matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*",
              "matchCriteriaId": "4DA64EFB-8416-4A0B-91B5-F02CC1A79D40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
              "matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
              "matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7_b32:*:*:*:*:*:*",
              "matchCriteriaId": "CD27AF64-5AA9-40F0-9308-2B4196FE7653",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
              "matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9_b31:*:*:*:*:*:*",
              "matchCriteriaId": "85AAF389-656C-4460-AE39-70703CE74ABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9_b32:*:*:*:*:*:*",
              "matchCriteriaId": "5CEBEC4F-12CB-4790-B909-C2E796CEA60A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E516A72D-806A-4C5F-89AE-589BC1FB364A",
              "versionEndIncluding": "1.7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A33D498-F52E-4321-87B3-10FB0050D66B",
              "versionEndIncluding": "1.7.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation."
    },
    {
      "lang": "es",
      "value": "jarsigner en OpenJDK y Oracle Java SE en versiones anteriores a la 7u51 permite que atacantes remotos omitan un mecanismo de protecci\u00f3n de firma de c\u00f3digo e inyecten c\u00f3digo de bytes no firmado en un archivo JAR firmado aprovechando la validaci\u00f3n incorrecta de archivos."
    }
  ],
  "id": "CVE-2013-4578",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-12-29T22:29:00.207",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d5f36e1c927e"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/02/08/6"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/02/09/9"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2014:0414"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d5f36e1c927e"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/02/08/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2015/02/09/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2014:0414"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031471"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-74"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.