rhsa-2013_1793
Vulnerability from csaf_redhat
Published
2013-12-05 17:32
Modified
2024-11-05 18:15
Summary
Red Hat Security Advisory: Red Hat Network Satellite server IBM Java Runtime security update
Notes
Topic
Updated java-1.6.0-ibm packages that fix several security issues are now
available for Red Hat Network Satellite Server 5.4, 5.5 and 5.6.
The Red Hat Security Response Team has rated this update as having low
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
This update corrects several security vulnerabilities in the IBM Java
Runtime Environment shipped as part of Red Hat Network Satellite Server
5.4, 5.5 and 5.6. In a typical operating environment, these are of low
security risk as the runtime is not used on untrusted applets.
Several flaws were fixed in the IBM Java 2 Runtime Environment.
(CVE-2013-3829, CVE-2013-4041, CVE-2013-5372, CVE-2013-5375, CVE-2013-5457,
CVE-2013-5772, CVE-2013-5774, CVE-2013-5776, CVE-2013-5778, CVE-2013-5780,
CVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5789,
CVE-2013-5797, CVE-2013-5801, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804,
CVE-2013-5809, CVE-2013-5812, CVE-2013-5814, CVE-2013-5817, CVE-2013-5818,
CVE-2013-5819, CVE-2013-5820, CVE-2013-5823, CVE-2013-5824, CVE-2013-5825,
CVE-2013-5829, CVE-2013-5830, CVE-2013-5831, CVE-2013-5832, CVE-2013-5840,
CVE-2013-5842, CVE-2013-5843, CVE-2013-5848, CVE-2013-5849, CVE-2013-5850,
CVE-2013-5851)
Users of Red Hat Network Satellite Server 5.4, 5.5 and 5.6 are advised to
upgrade to these updated packages, which contain the IBM Java SE 6 SR15
release. For this update to take effect, Red Hat Network Satellite Server
must be restarted ("/usr/sbin/rhn-satellite restart"), as well as all
running instances of IBM Java.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated java-1.6.0-ibm packages that fix several security issues are now\navailable for Red Hat Network Satellite Server 5.4, 5.5 and 5.6.\n\nThe Red Hat Security Response Team has rated this update as having low\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This update corrects several security vulnerabilities in the IBM Java\nRuntime Environment shipped as part of Red Hat Network Satellite Server\n5.4, 5.5 and 5.6. In a typical operating environment, these are of low\nsecurity risk as the runtime is not used on untrusted applets.\n\nSeveral flaws were fixed in the IBM Java 2 Runtime Environment.\n(CVE-2013-3829, CVE-2013-4041, CVE-2013-5372, CVE-2013-5375, CVE-2013-5457,\nCVE-2013-5772, CVE-2013-5774, CVE-2013-5776, CVE-2013-5778, CVE-2013-5780,\nCVE-2013-5782, CVE-2013-5783, CVE-2013-5784, CVE-2013-5787, CVE-2013-5789,\nCVE-2013-5797, CVE-2013-5801, CVE-2013-5802, CVE-2013-5803, CVE-2013-5804,\nCVE-2013-5809, CVE-2013-5812, CVE-2013-5814, CVE-2013-5817, CVE-2013-5818,\nCVE-2013-5819, CVE-2013-5820, CVE-2013-5823, CVE-2013-5824, CVE-2013-5825,\nCVE-2013-5829, CVE-2013-5830, CVE-2013-5831, CVE-2013-5832, CVE-2013-5840,\nCVE-2013-5842, CVE-2013-5843, CVE-2013-5848, CVE-2013-5849, CVE-2013-5850,\nCVE-2013-5851)\n\nUsers of Red Hat Network Satellite Server 5.4, 5.5 and 5.6 are advised to\nupgrade to these updated packages, which contain the IBM Java SE 6 SR15\nrelease. For this update to take effect, Red Hat Network Satellite Server\nmust be restarted (\"/usr/sbin/rhn-satellite restart\"), as well as all\nrunning instances of IBM Java.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1793",
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "http://www.ibm.com/developerworks/java/jdk/alerts/",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/"
},
{
"category": "external",
"summary": "1018713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018713"
},
{
"category": "external",
"summary": "1018717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018717"
},
{
"category": "external",
"summary": "1018720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018720"
},
{
"category": "external",
"summary": "1018727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018727"
},
{
"category": "external",
"summary": "1018750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018750"
},
{
"category": "external",
"summary": "1018785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018785"
},
{
"category": "external",
"summary": "1018831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018831"
},
{
"category": "external",
"summary": "1018972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018972"
},
{
"category": "external",
"summary": "1018977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018977"
},
{
"category": "external",
"summary": "1018984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018984"
},
{
"category": "external",
"summary": "1019108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108"
},
{
"category": "external",
"summary": "1019110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019110"
},
{
"category": "external",
"summary": "1019113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019113"
},
{
"category": "external",
"summary": "1019115",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019115"
},
{
"category": "external",
"summary": "1019117",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019117"
},
{
"category": "external",
"summary": "1019118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019118"
},
{
"category": "external",
"summary": "1019123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019123"
},
{
"category": "external",
"summary": "1019127",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019127"
},
{
"category": "external",
"summary": "1019130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019130"
},
{
"category": "external",
"summary": "1019131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131"
},
{
"category": "external",
"summary": "1019133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019133"
},
{
"category": "external",
"summary": "1019137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019137"
},
{
"category": "external",
"summary": "1019139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019139"
},
{
"category": "external",
"summary": "1019145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019145"
},
{
"category": "external",
"summary": "1019147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019147"
},
{
"category": "external",
"summary": "1019691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019691"
},
{
"category": "external",
"summary": "1019693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019693"
},
{
"category": "external",
"summary": "1019697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019697"
},
{
"category": "external",
"summary": "1019701",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019701"
},
{
"category": "external",
"summary": "1019702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019702"
},
{
"category": "external",
"summary": "1019706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019706"
},
{
"category": "external",
"summary": "1019710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019710"
},
{
"category": "external",
"summary": "1019712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019712"
},
{
"category": "external",
"summary": "1019713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019713"
},
{
"category": "external",
"summary": "1019715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019715"
},
{
"category": "external",
"summary": "1019716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019716"
},
{
"category": "external",
"summary": "1019720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019720"
},
{
"category": "external",
"summary": "1027760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027760"
},
{
"category": "external",
"summary": "1027764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027764"
},
{
"category": "external",
"summary": "1027768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027768"
},
{
"category": "external",
"summary": "1027825",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027825"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1793.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Network Satellite server IBM Java Runtime security update",
"tracking": {
"current_release_date": "2024-11-05T18:15:51+00:00",
"generator": {
"date": "2024-11-05T18:15:51+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2013:1793",
"initial_release_date": "2013-12-05T17:32:00+00:00",
"revision_history": [
{
"date": "2013-12-05T17:32:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-12-05T17:38:10+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T18:15:51+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 5.4 (RHEL v.5)",
"product": {
"name": "Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.4::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.5 (RHEL v.5)",
"product": {
"name": "Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.5::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.6 (RHEL v.5)",
"product": {
"name": "Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.6::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.4 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.4::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.5 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.5::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.6 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.6::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el5?arch=i386\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"product": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"product_id": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.15.0-1jpp.1.el5?arch=i386\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"product": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"product_id": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.15.0-1jpp.1.el5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"product_id": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.15.0-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el5?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el6?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"product": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"product_id": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.15.0-1jpp.1.el5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"product": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"product_id": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm@1.6.0.15.0-1jpp.1.el6?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"product": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"product_id": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-ibm-devel@1.6.0.15.0-1jpp.1.el6?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386 as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386 as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.5)",
"product_id": "5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite54"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"relates_to_product_reference": "5Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.5)",
"product_id": "5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.5)",
"product_id": "5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"relates_to_product_reference": "5Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"relates_to_product_reference": "6Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.5 (RHEL v.6)",
"product_id": "6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite55"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src as a component of Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"relates_to_product_reference": "6Server-Satellite"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x as a component of Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"relates_to_product_reference": "6Server-Satellite"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64 as a component of Red Hat Satellite 5.4 (RHEL v.6)",
"product_id": "6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-Satellite"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-3829",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019133"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java SE, Java SE Embedded component in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-3829"
},
{
"category": "external",
"summary": "RHBZ#1019133",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019133"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-3829",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-3829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-3829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-3829"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: java.util.TimeZone does not restrict setting of default time zone (Libraries, 8001029)"
},
{
"cve": "CVE-2013-4041",
"discovery_date": "2013-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1027764"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to access restricted classes via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified sandbox bypass (JVM)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4041"
},
{
"category": "external",
"summary": "RHBZ#1027764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4041",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4041"
}
],
"release_date": "2013-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified sandbox bypass (JVM)"
},
{
"cve": "CVE-2013-5372",
"discovery_date": "2013-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1027825"
}
],
"notes": [
{
"category": "description",
"text": "The XML4J parser in IBM WebSphere Message Broker 6.1 before 6.1.0.12, 7.0 before 7.0.0.7, and 8.0 before 8.0.0.4 and IBM Integration Bus 9.0 before 9.0.0.1 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document that triggers expansion for many entities.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: XML4J xml entity expansion excessive memory use (XML)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5372"
},
{
"category": "external",
"summary": "RHBZ#1027825",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027825"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5372",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5372"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5372",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5372"
}
],
"release_date": "2013-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: XML4J xml entity expansion excessive memory use (XML)"
},
{
"cve": "CVE-2013-5375",
"discovery_date": "2013-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1027768"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified sandbox bypass (XML)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5375"
},
{
"category": "external",
"summary": "RHBZ#1027768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027768"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5375",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5375"
}
],
"release_date": "2013-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified sandbox bypass (XML)"
},
{
"cve": "CVE-2013-5457",
"discovery_date": "2013-11-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1027760"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified sandbox bypass (ORB)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5457"
},
{
"category": "external",
"summary": "RHBZ#1027760",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1027760"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5457",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5457"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5457",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5457"
}
],
"release_date": "2013-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified sandbox bypass (ORB)"
},
{
"cve": "CVE-2013-5772",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1018717"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u40 and earlier and Java SE 6u60 and earlier allows remote attackers to affect integrity via unknown vectors related to jhat.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient html escaping in jhat (jhat, 8011081)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5772"
},
{
"category": "external",
"summary": "RHBZ#1018717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018717"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5772",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5772"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: insufficient html escaping in jhat (jhat, 8011081)"
},
{
"cve": "CVE-2013-5774",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019147"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5774"
},
{
"category": "external",
"summary": "RHBZ#1019147",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019147"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5774",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5774"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5774",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5774"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: Inet6Address class IPv6 address processing errors (Libraries, 8015743)"
},
{
"cve": "CVE-2013-5776",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019712"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5776"
},
{
"category": "external",
"summary": "RHBZ#1019712",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019712"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5776",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5776"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5776",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5776"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)"
},
{
"cve": "CVE-2013-5778",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1018984"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: image conversion out of bounds read (2D, 8014102)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5778"
},
{
"category": "external",
"summary": "RHBZ#1018984",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018984"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5778",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5778"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5778",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5778"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: image conversion out of bounds read (2D, 8014102)"
},
{
"cve": "CVE-2013-5780",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1018785"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: key data leak via toString() methods (Libraries, 8011071)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5780"
},
{
"category": "external",
"summary": "RHBZ#1018785",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018785"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5780",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5780"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5780",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5780"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: key data leak via toString() methods (Libraries, 8011071)"
},
{
"cve": "CVE-2013-5782",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019108"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5782"
},
{
"category": "external",
"summary": "RHBZ#1019108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5782",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5782"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5782",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5782"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: Incorrect awt_getPixelByte/awt_getPixelShort/awt_setPixelByte/awt_setPixelShort image raster checks (2D, 8014093)"
},
{
"cve": "CVE-2013-5783",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019137"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Swing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5783"
},
{
"category": "external",
"summary": "RHBZ#1019137",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019137"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5783",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5783"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: JTable not properly performing certain access checks (Swing, 8013744)"
},
{
"cve": "CVE-2013-5784",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1018727"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to SCRIPTING.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5784"
},
{
"category": "external",
"summary": "RHBZ#1018727",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018727"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5784"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient InterfaceImplementor security checks (Scripting, 8017299)"
},
{
"cve": "CVE-2013-5787",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019693"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5789, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5787"
},
{
"category": "external",
"summary": "RHBZ#1019693",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019693"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5787",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5787"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5787",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5787"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)"
},
{
"cve": "CVE-2013-5789",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019697"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5824, CVE-2013-5832, and CVE-2013-5852.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5789"
},
{
"category": "external",
"summary": "RHBZ#1019697",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019697"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5789",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5789"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)"
},
{
"cve": "CVE-2013-5797",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1018720"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5797"
},
{
"category": "external",
"summary": "RHBZ#1018720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5797",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5797"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5797",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5797"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)"
},
{
"cve": "CVE-2013-5801",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019710"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (2D)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5801"
},
{
"category": "external",
"summary": "RHBZ#1019710",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019710"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5801",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5801"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (2D)"
},
{
"cve": "CVE-2013-5802",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019130"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5802"
},
{
"category": "external",
"summary": "RHBZ#1019130",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019130"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5802",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5802"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5802",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5802"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)"
},
{
"cve": "CVE-2013-5803",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1018713"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5803"
},
{
"category": "external",
"summary": "RHBZ#1018713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018713"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5803",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5803"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5803",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5803"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)"
},
{
"cve": "CVE-2013-5804",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019131"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5804"
},
{
"category": "external",
"summary": "RHBZ#1019131",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019131"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5804",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5804"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5804",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5804"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)"
},
{
"cve": "CVE-2013-5809",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019113"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5829.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5809"
},
{
"category": "external",
"summary": "RHBZ#1019113",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019113"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5809",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5809"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5809",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5809"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: JPEGImageReader and JPEGImageWriter missing band size checks (2D, 8013510)"
},
{
"cve": "CVE-2013-5812",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019706"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5812"
},
{
"category": "external",
"summary": "RHBZ#1019706",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019706"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5812",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5812"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5812",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5812"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)"
},
{
"cve": "CVE-2013-5814",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019117"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5814"
},
{
"category": "external",
"summary": "RHBZ#1019117",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019117"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5814",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5814"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5814",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5814"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: RMIConnection stub missing permission check (CORBA, 8011157)"
},
{
"cve": "CVE-2013-5817",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019118"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5817"
},
{
"category": "external",
"summary": "RHBZ#1019118",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019118"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5817",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5817"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5817",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5817"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: VersionHelper12 does not honor modifyThreadGroup restriction (JNDI, 8013739)"
},
{
"cve": "CVE-2013-5818",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019713"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5819 and CVE-2013-5831.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5818"
},
{
"category": "external",
"summary": "RHBZ#1019713",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019713"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5818",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5818"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5818",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5818"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)"
},
{
"cve": "CVE-2013-5819",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019715"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5818 and CVE-2013-5831.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5819"
},
{
"category": "external",
"summary": "RHBZ#1019715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5819",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5819"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5819",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5819"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)"
},
{
"cve": "CVE-2013-5820",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1018972"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via vectors related to JAX-WS.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient security checks (JAXWS, 8017505)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5820"
},
{
"category": "external",
"summary": "RHBZ#1018972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5820",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5820"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5820",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5820"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient security checks (JAXWS, 8017505)"
},
{
"cve": "CVE-2013-5823",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019145"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5823"
},
{
"category": "external",
"summary": "RHBZ#1019145",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019145"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5823",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5823"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5823",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5823"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)"
},
{
"cve": "CVE-2013-5824",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019691"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5832, and CVE-2013-5852.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5824"
},
{
"category": "external",
"summary": "RHBZ#1019691",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019691"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5824",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5824"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5824",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5824"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)"
},
{
"cve": "CVE-2013-5825",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019139"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JAXP.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: XML parsing Denial of Service (JAXP, 8014530)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5825"
},
{
"category": "external",
"summary": "RHBZ#1019139",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019139"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5825",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5825"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5825",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5825"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: XML parsing Denial of Service (JAXP, 8014530)"
},
{
"cve": "CVE-2013-5829",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019115"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5809.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Java2d Disposer security bypass (2D, 8017287)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5829"
},
{
"category": "external",
"summary": "RHBZ#1019115",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019115"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5829",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5829"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5829",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5829"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: Java2d Disposer security bypass (2D, 8017287)"
},
{
"cve": "CVE-2013-5830",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019110"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5830"
},
{
"category": "external",
"summary": "RHBZ#1019110",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019110"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5830",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5830"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: checkPackageAccess missing security check (Libraries, 8017291)"
},
{
"cve": "CVE-2013-5831",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019716"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5818 and CVE-2013-5819.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5831"
},
{
"category": "external",
"summary": "RHBZ#1019716",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019716"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5831",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5831"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5831",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5831"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)"
},
{
"cve": "CVE-2013-5832",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019702"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5787, CVE-2013-5789, CVE-2013-5824, and CVE-2013-5852.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5832"
},
{
"category": "external",
"summary": "RHBZ#1019702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5832",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5832"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5832",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5832"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)"
},
{
"cve": "CVE-2013-5840",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1018831"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5840"
},
{
"category": "external",
"summary": "RHBZ#1018831",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018831"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5840",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5840"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5840",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5840"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)"
},
{
"cve": "CVE-2013-5842",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019123"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5850.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5842"
},
{
"category": "external",
"summary": "RHBZ#1019123",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019123"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5842",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5842"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5842",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5842"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: ObjectInputStream/ObjectOutputStream missing checks (Libraries, 8014987)"
},
{
"cve": "CVE-2013-5843",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019701"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (2D)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5843"
},
{
"category": "external",
"summary": "RHBZ#1019701",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019701"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5843",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5843"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5843",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5843"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (2D)"
},
{
"cve": "CVE-2013-5848",
"discovery_date": "2013-10-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019720"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5848"
},
{
"category": "external",
"summary": "RHBZ#1019720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5848",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5848"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5848",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5848"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)"
},
{
"cve": "CVE-2013-5849",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1018750"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to AWT.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5849"
},
{
"category": "external",
"summary": "RHBZ#1018750",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018750"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5849",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5849"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient DataFlavor security checks (AWT, 8012277)"
},
{
"cve": "CVE-2013-5850",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1019127"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5842.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: Missing CORBA security checks (Libraries, 8017196)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5850"
},
{
"category": "external",
"summary": "RHBZ#1019127",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019127"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5850",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5850"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5850",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5850"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: Missing CORBA security checks (Libraries, 8017196)"
},
{
"cve": "CVE-2013-5851",
"discovery_date": "2013-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1018977"
}
],
"notes": [
{
"category": "description",
"text": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JAXP.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: XML stream factory finder information leak (JAXP, 8013502)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-5851"
},
{
"category": "external",
"summary": "RHBZ#1018977",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1018977"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-5851",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5851"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5851",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5851"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"release_date": "2013-10-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-12-05T17:32:00+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1793"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"products": [
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite54:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.i386",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite54:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.src",
"5Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.s390x",
"5Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite55:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite55:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite56:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite56:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.src",
"6Server-Satellite:java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6.x86_64",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.s390x",
"6Server-Satellite:java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: XML stream factory finder information leak (JAXP, 8013502)"
}
]
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.