var-201302-0132
Vulnerability from variot
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. The vulnerability can be exploited over multiple protocols. This issue affects the 'Deployment' sub-component. This vulnerability affects the following supported versions: 7 Update 11 and prior, 6 Update 38 and prior, 5.0 Update 38 and prior Note: This issue was previously discussed in BID 57670 (Oracle Java Runtime Environment Multiple Security Vulnerabilities) but has been given its own record to better document it. In a typical operating environment, these are of low security risk as the runtime is not used on untrusted applets. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13
Java for OS X 2013-001 and Mac OS X v10.6 Update 13 is now available and addresses the following:
Java Available for: OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java 1.6.0_37 Description: Multiple vulnerabilities existed in Java 1.6.0_37, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. For Mac OS X v10.6 systems, these issues were addressed in Java for Mac OS X v10.6 Update 13. Further information is available via the Java website at http://www.oracle.com/technetwork/java/javase/ releasenotes-136954.html CVE-ID CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481
Java Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Impact: Multiple vulnerabilities in Java Description: Multiple vulnerabilities existed in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user. These issues were addressed by updating to Java version 1.6.0_41. Further information is available via the Java website at http://www.o racle.com/technetwork/java/javase/releasenotes-136954.html CVE-ID CVE-2013-1486 CVE-2013-1487 CVE-2013-1488
Malware removal Available for: Mac OS X v10.6.8, Mac OS X Server v10.6.8, OS X Lion v10.7 or later, OS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later Description: This update runs a malware removal tool that will remove the most common variants of malware. If malware is found, it presents a dialog notifying the user that malware was removed. There is no indication to the user if malware is not found.
Java for OS X 2013-001 and Java for Mac OS X 10.6 Update 13 may be obtained from the Software Update pane in System Preferences, Mac App Store, or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
For Mac OS X v10.6 systems The download file is named: JavaForMacOSX10.6.Update13.dmg Its SHA-1 digest is: 5327984bc0b300c237fe69cecf69513624f56b0e
For OS X Lion and Mountain Lion systems The download file is named: JavaForOSX2013-001.dmg Its SHA-1 digest is: 145d74354241cf2f567d2768bbd0a7185e7d308a
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org
iQIcBAEBAgAGBQJRI/A/AAoJEPefwLHPlZEwDp4QAKz9nfo397KaudpFDey26bsb GNR8HQ3Z5Ln0ArgwBcc2XabzIYXsjmY7nPdZgq1m0sWgFGWtfQ7qslRooUyNLOsB WUddu+hQYvPn3CJOZsaPfTA2mfK6Qk9LeyqzUUkZrRNltHnIFMO7uXLEIdrFdnnx exFMPjbIq+xM5UZgvd/2grtF4DaZHnbcK+t/tDwH09/hGRQ+l+3a/3FB2S1Av85c FSuiieyrz2NNnDwFCj5NeSFQuK7hr52TiSOEPYI2eiTepyBHrUy03wAe8uwIzQII RjkY3Nbc8AZt0Q6lq5TgsQbH+vrwVE07nty36uMKmE2vJXyOAIZjfrrwv9SetLwd QnU5NYMbeHAHmSN5JQfuvDxEfL15/7Jafw2noJGotdrMzs6XQACFIHKqLORdwNkp sltj3LwykpcyoCR8Dq7NPafqhp2wySaHX8DFSohcq1aa1w+SLDgPCZUAzknwokCL f/hVQzP6hD0uHP/2jsLjh5g6TgHmCRdR+CKCs7QZaYAUketelRX9YOcgcXzqf5sy EcbDvJ+rd3KsQ9gIByGwVhHD87NSZDJAyG0ROjMMS9w/7l7nhGxedzGzlyK3oNl/ VpewgZ8FpUrvY80HOPz5XyFmX+HQoSnJ8er6OI5AvHBPn+Z1yHDLS5zpLeDD/wO9 rmbzMJjZUnlCDXoLEVQ9 =qlVo -----END PGP SIGNATURE----- . ============================================================================ Ubuntu Security Notice USN-1724-1 February 14, 2013
openjdk-6, openjdk-7 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 11.10
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in OpenJDK.
Software Description: - openjdk-7: Open Source Java implementation - openjdk-6: Open Source Java implementation
Details:
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to cause a denial of service. (CVE-2012-1541, CVE-2012-3342, CVE-2013-0351, CVE-2013-0419, CVE-2013-0423, CVE-2013-0446, CVE-2012-3213, CVE-2013-0425, CVE-2013-0426, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0441, CVE-2013-0442, CVE-2013-0445, CVE-2013-0450, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480)
Vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. (CVE-2013-0409, CVE-2013-0434, CVE-2013-0438)
Several data integrity vulnerabilities were discovered in the OpenJDK JRE. (CVE-2013-0424, CVE-2013-0427, CVE-2013-0433, CVE-2013-1473)
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. (CVE-2013-0432, CVE-2013-0435, CVE-2013-0443)
A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit this to cause a denial of service. (CVE-2013-0440)
A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 12.10. (CVE-2013-0444)
A data integrity vulnerability was discovered in the OpenJDK JRE. This issue only affected Ubuntu 12.10. (CVE-2013-0448)
An information disclosure vulnerability was discovered in the OpenJDK JRE. This issue only affected Ubuntu 12.10. (CVE-2013-0449)
A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to cause a denial of service. (CVE-2013-1481)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.10: icedtea-7-jre-jamvm 7u13-2.3.6-0ubuntu0.12.10.1 openjdk-7-jre 7u13-2.3.6-0ubuntu0.12.10.1 openjdk-7-jre-headless 7u13-2.3.6-0ubuntu0.12.10.1 openjdk-7-jre-lib 7u13-2.3.6-0ubuntu0.12.10.1 openjdk-7-jre-zero 7u13-2.3.6-0ubuntu0.12.10.1
Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b27-1.12.1-2ubuntu0.12.04.2 icedtea-6-jre-jamvm 6b27-1.12.1-2ubuntu0.12.04.2 openjdk-6-jre 6b27-1.12.1-2ubuntu0.12.04.2 openjdk-6-jre-headless 6b27-1.12.1-2ubuntu0.12.04.2 openjdk-6-jre-lib 6b27-1.12.1-2ubuntu0.12.04.2 openjdk-6-jre-zero 6b27-1.12.1-2ubuntu0.12.04.2
Ubuntu 11.10: icedtea-6-jre-cacao 6b27-1.12.1-2ubuntu0.11.10.2 icedtea-6-jre-jamvm 6b27-1.12.1-2ubuntu0.11.10.2 openjdk-6-jre 6b27-1.12.1-2ubuntu0.11.10.2 openjdk-6-jre-headless 6b27-1.12.1-2ubuntu0.11.10.2 openjdk-6-jre-lib 6b27-1.12.1-2ubuntu0.11.10.2 openjdk-6-jre-zero 6b27-1.12.1-2ubuntu0.11.10.2
Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b27-1.12.1-2ubuntu0.10.04.2 openjdk-6-jre 6b27-1.12.1-2ubuntu0.10.04.2 openjdk-6-jre-headless 6b27-1.12.1-2ubuntu0.10.04.2 openjdk-6-jre-lib 6b27-1.12.1-2ubuntu0.10.04.2 openjdk-6-jre-zero 6b27-1.12.1-2ubuntu0.10.04.2
This update uses a new upstream release which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: java-1.6.0-sun security update Advisory ID: RHSA-2013:0236-01 Product: Red Hat Enterprise Linux Extras Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0236.html Issue date: 2013-02-04 CVE Names: CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 CVE-2013-1480 CVE-2013-1481 =====================================================================
- Summary:
Updated java-1.6.0-sun packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64 Red Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64 Red Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64
- (CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481)
All users of java-1.6.0-sun are advised to upgrade to these updated packages, which provide Oracle Java 6 Update 39. All running instances of Oracle Java must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
- Bugs fixed (http://bugzilla.redhat.com/):
859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393) 860652 - CVE-2013-1475 OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50) 906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318) 906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068) 906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972) 906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977) 906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057) 906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325) 906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537) 906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906930 - CVE-2013-0430 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Install) 906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment) 907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29) 907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952) 907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting) 907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound) 907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX) 907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392) 907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509) 907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528) 907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235) 907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941) 907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071) 907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631) 907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066) 907460 - CVE-2013-0429 OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694)
- Package List:
Red Hat Enterprise Linux Desktop Supplementary (v. 5):
i386: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 5):
i386: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm
Red Hat Enterprise Linux Desktop Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux HPC Node Supplementary (v. 6):
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux Server Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
Red Hat Enterprise Linux Workstation Supplementary (v. 6):
i386: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm
x86_64: java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm java-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm java-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2012-1541.html https://www.redhat.com/security/data/cve/CVE-2012-3213.html https://www.redhat.com/security/data/cve/CVE-2012-3342.html https://www.redhat.com/security/data/cve/CVE-2013-0351.html https://www.redhat.com/security/data/cve/CVE-2013-0409.html https://www.redhat.com/security/data/cve/CVE-2013-0419.html https://www.redhat.com/security/data/cve/CVE-2013-0423.html https://www.redhat.com/security/data/cve/CVE-2013-0424.html https://www.redhat.com/security/data/cve/CVE-2013-0425.html https://www.redhat.com/security/data/cve/CVE-2013-0426.html https://www.redhat.com/security/data/cve/CVE-2013-0427.html https://www.redhat.com/security/data/cve/CVE-2013-0428.html https://www.redhat.com/security/data/cve/CVE-2013-0429.html https://www.redhat.com/security/data/cve/CVE-2013-0430.html https://www.redhat.com/security/data/cve/CVE-2013-0432.html https://www.redhat.com/security/data/cve/CVE-2013-0433.html https://www.redhat.com/security/data/cve/CVE-2013-0434.html https://www.redhat.com/security/data/cve/CVE-2013-0435.html https://www.redhat.com/security/data/cve/CVE-2013-0438.html https://www.redhat.com/security/data/cve/CVE-2013-0440.html https://www.redhat.com/security/data/cve/CVE-2013-0441.html https://www.redhat.com/security/data/cve/CVE-2013-0442.html https://www.redhat.com/security/data/cve/CVE-2013-0443.html https://www.redhat.com/security/data/cve/CVE-2013-0445.html https://www.redhat.com/security/data/cve/CVE-2013-0446.html https://www.redhat.com/security/data/cve/CVE-2013-0450.html https://www.redhat.com/security/data/cve/CVE-2013-1473.html https://www.redhat.com/security/data/cve/CVE-2013-1475.html https://www.redhat.com/security/data/cve/CVE-2013-1476.html https://www.redhat.com/security/data/cve/CVE-2013-1478.html https://www.redhat.com/security/data/cve/CVE-2013-1480.html https://www.redhat.com/security/data/cve/CVE-2013-1481.html https://access.redhat.com/security/updates/classification/#critical http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFREE7WXlSAg2UNWIIRAuWTAJ4g2iIk0XnUEpbIXz6nDgDjaHxz7ACbBcjy gqkoqFew2BZDYA/n817qYO8= =m5pJ -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ----------------------------------------------------------------------
The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/
TITLE: Oracle Java Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA52064
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/52064/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=52064
RELEASE DATE: 2013-02-02
DISCUSS ADVISORY: http://secunia.com/advisories/52064/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/52064/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=52064
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Java, which can be exploited by malicious local users to gain escalated privileges and by malicious people to disclose certain sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
1) An unspecified error in the 2D component of the client and server deployment can be exploited to potentially execute arbitrary code.
2) An unspecified error in the 2D component of the client and server deployment can be exploited to potentially execute arbitrary code.
3) An unspecified error in the AWT component of the client deployment can be exploited to potentially execute arbitrary code.
4) An unspecified error in the AWT component of the client deployment can be exploited to potentially execute arbitrary code.
5) An unspecified error in the AWT component of the client and server deployment can be exploited to potentially execute arbitrary code.
6) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code.
7) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code.
8) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code.
9) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code.
10) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code.
11) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code.
12) An unspecified error in the JMX component of the client deployment can be exploited to potentially execute arbitrary code.
13) An unspecified error in the JavaFX component of the client deployment can be exploited to potentially execute arbitrary code.
14) An unspecified error in the Libraries component of the client deployment can be exploited to potentially execute arbitrary code.
15) An unspecified error in the Libraries component of the client deployment can be exploited to potentially execute arbitrary code.
16) An unspecified error in the Libraries component of the client deployment can be exploited to potentially execute arbitrary code.
17) An unspecified error in the Scripting component of the client deployment can be exploited to potentially execute arbitrary code.
18) An unspecified error in the Sound component of the client deployment can be exploited to potentially execute arbitrary code.
19) An unspecified error in the Beans component of the client deployment can be exploited to potentially execute arbitrary code.
20) An unspecified error in the CORBA component of the client deployment can be exploited to potentially execute arbitrary code.
21) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code.
22) An unspecified error in the Deployment component of the client deployment can be exploited to potentially execute arbitrary code.
23) An unspecified error in the Deployment component of the client deployment can be exploited to disclose and manipulate certain data and cause a DoS.
24) An unspecified error in the Install component of the client deployment can be exploited by a local user to gain escalated privileges.
25) An unspecified error in the AWT component of the client deployment can be exploited to disclose and manipulate certain data.
26) An unspecified error in the Deployment component of the client deployment can be exploited to disclose certain data.
27) An unspecified error in the Deployment component of the client deployment can be exploited to manipulate certain data.
28) An unspecified error in the JAX-WS component of the client deployment can be exploited to disclose certain data.
29) An unspecified error in the JAXP component of the client deployment can be exploited to disclose certain data.
30) An unspecified error in the JMX component of the client deployment can be exploited to disclose certain data.
31) An unspecified error in the JMX component of the client deployment can be exploited to disclose certain data.
32) An unspecified error in the Libraries component of the client deployment can be exploited to manipulate certain data.
33) An unspecified error in the Libraries component of the client deployment can be exploited to manipulate certain data.
34) An unspecified error in the Networking component of the client deployment can be exploited to manipulate certain data.
35) An unspecified error in the RMI component of the client deployment can be exploited to manipulate certain data.
36) An unspecified error in the JSSE component of the server deployment can be exploited via SSL/TLS to cause a DoS.
37) An unspecified error in the Deployment component of the client deployment can be exploited to disclose certain data.
38) An unspecified error in the JSSE component of the client deployment can be exploited via SSL/TLS to disclose and manipulate certain data.
The vulnerabilities are reported in the following products: * JDK and JRE 7 Update 11 and earlier. * JDK and JRE 6 Update 38 and earlier. * JDK and JRE 5.0 Update 38 and earlier. * SDK and JRE 1.4.2_40 and earlier.
SOLUTION: Apply updates.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: One of the vulnerabilities is reported as a 0-day. It is currently unclear who reported the remaining vulnerabilities as the Oracle Jave SE Critical Patch Update for February 2013 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information.
ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03725347
SUPPORT COMMUNICATION - SECURITY BULLETIN
Document ID: c03725347 Version: 1
HPSBUX02864 SSRT101156 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.
References: CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0432, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440, CVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446, CVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1493
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.17 and earlier
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2012-1541 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3213 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2012-3342 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0351 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-0409 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0419 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0423 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0424 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0425 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0426 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0427 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0428 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-0432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4 CVE-2013-0433 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-0434 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0435 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-0438 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3 CVE-2013-0440 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-0441 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0442 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0443 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0 CVE-2013-0445 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0446 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0450 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-0809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1473 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-1475 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1476 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1478 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1480 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1481 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1493 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location
http://www.hp.com/java
OS Version Release Version
HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v6.0.18 or subsequent
MANUAL ACTIONS: Yes - Update For Java v6.0 update to Java v6.0.18 or subsequent
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11 HP-UX B.11.23 =========== Jdk60.JDK60-COM Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W Jre60.JRE60-COM Jre60.JRE60-COM-DOC Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.18.00 or subsequent
HP-UX B.11.23 HP-UX B.11.31 =========== Jdk60.JDK60-COM Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS
action: install revision 1.6.0.18.00 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) - 3 April 2013 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX
Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201302-0132", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "jdk", "scope": "eq", "trust": 1.6, "vendor": "sun", "version": "1.6.0" }, { "model": "jre", "scope": "eq", "trust": 1.6, "vendor": "sun", "version": "1.6.0" }, { "model": "jdk", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.7.0" }, { "model": "jdk", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.6.0" }, { "model": "jre", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.7.0" }, { "model": "jre", "scope": "eq", "trust": 1.0, "vendor": "oracle", "version": "1.6.0" }, { "model": "jre 1.6.0 03", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 17", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.7.0 8", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 30", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 18", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 35", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 22", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 05", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 28", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 14", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 21", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 20", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 32", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 38", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 25", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 07", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 35", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 18", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 27", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 19", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 1.7.0 10", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 03", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 17", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.7.0 2", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 10", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.7.0 8", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.7.0 2", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 14", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 04", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.7.0 10", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 04", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.6.0 25", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 37", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 27", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.7.0 11", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 15", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 30", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 12", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.7.0 7", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.7" }, { "model": "jre 1.6.0 02", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 23", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 01", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.7.0 4", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.7.0 9", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 06", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 19", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jdk 1.7.0 9", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 38", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 15", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 07", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.7.0 11", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 28", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 23", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 11", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 13", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 1.7.0 7", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 32", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 02", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 05", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.7.0 4", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 26", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 26", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 1.6.0 21", "scope": null, "trust": 0.9, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 24", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jre 06", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 11", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk 10", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": "jdk", "scope": "eq", "trust": 0.9, "vendor": "oracle", "version": "1.7" }, { "model": "jdk 1.6.0 22", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 1.6.0 24", "scope": null, "trust": 0.9, "vendor": "oracle", "version": null }, { "model": "jdk 13", "scope": "eq", "trust": 0.9, "vendor": "sun", "version": "1.6" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "apple", "version": null }, { "model": null, "scope": null, "trust": 0.8, "vendor": "oracle", "version": null }, { "model": "jdk 01-b06", "scope": "eq", "trust": 0.6, "vendor": "sun", "version": "1.6" }, { "model": "jre 1.6.0 2", "scope": null, "trust": 0.6, "vendor": "sun", "version": null }, { "model": "jdk 1.6.0 01", "scope": null, "trust": 0.6, "vendor": "sun", "version": null }, { "model": "jre 1.6.0 20", "scope": null, "trust": 0.6, "vendor": "sun", "version": null }, { "model": "linux enterprise software development kit sp2", "scope": "eq", "trust": 0.6, "vendor": "suse", "version": "11" }, { "model": "java se sr13", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "meeting exchange web conferencing server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "-6.0" }, { "model": "java sdk sr14", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5.0.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "network satellite (for rhel", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6)5.5" }, { "model": "trio tview software", "scope": "eq", "trust": 0.3, "vendor": "schneider electric", "version": "3.27.0" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1.1" }, { "model": "cms r15", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "nonstop server h06.16.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "tivoli netcool/omnibus", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3.1" }, { "model": "nonstop server h06.19.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.3" }, { "model": "java sdk sr15", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "5" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7" }, { "model": "jdk 01", "scope": "eq", "trust": 0.3, "vendor": "sun", "version": "1.6" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.1" }, { "model": "maximo asset management essentials", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "nonstop server j06.08.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "cms r16.3", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "nonstop server h06.15.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "freeflow print server 81.d0.73", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "meeting exchange client registration server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "-6.0" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "trio tview software", "scope": "ne", "trust": 0.3, "vendor": "schneider electric", "version": "3.29.0" }, { "model": "nonstop server j06.06.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "nonstop server j06.14", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "call management system r16.1", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "java se sr2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "websphere cast iron cloud integration", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "java sdk sr4", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.1" }, { "model": "tivoli netcool/omnibus fix pack", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.3.16" }, { "model": "nonstop server j06.09.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.26", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.3" }, { "model": "nonstop server j06.04.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.6" }, { "model": "tivoli business service manager", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6.1.10" }, { "model": "network satellite (for rhel", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5)5.5" }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "7.11" }, { "model": "java se sr5", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6.0.1" }, { "model": "nonstop server j06.13", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.10" }, { "model": "linux enterprise server sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "nonstop server j06.09.04", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux enterprise server sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.2" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1.5" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.10" }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53002.0" }, { "model": "freeflow print server 82.d2.24", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.0.2" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "freeflow print server 90.d3.06", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "call management system r16.2", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.0" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "nonstop server h06.18.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "freeflow print server 73.d4.31b", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "java sdk sr3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0.1" }, { "model": "nonstop server j06.15.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.22.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "websphere cast iron cloud integration physical applian", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.1" }, { "model": "tivoli netcool/omnibus fix pack", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.311" }, { "model": "nonstop server j06.12.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "ir", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "java se sr4", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.4" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "tivoli system automation for integrated operations management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "2.1" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server j06.05.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.08.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.09.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "websphere message broker", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.0.11" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "nonstop server j06.16", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java sdk sr3", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "websphere operational decision management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5.0.0" }, { "model": "nonstop server j6.0.14.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "rational host on-demand", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "11.0.7" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "freeflow print server 73.c0.41", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "tivoli netcool/omnibus", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.2.1" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2.2" }, { "model": "enterprise linux desktop supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.3" }, { "model": "enterprise linux supplementary server", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.0.1" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "linux enterprise server sp3 ltss", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "websphere cast iron cloud integration live saas offeri", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.2" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "java sdk sr13", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "smart analytics system", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "56009.7" }, { "model": "java sdk sr1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "interactive service manager web tier", "scope": "eq", "trust": 0.3, "vendor": "mercury", "version": "9.30" }, { "model": "java sdk sr4", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.4" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "nonstop server j06.07.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "java sdk sr5", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "6.0.1" }, { "model": "nonstop server j06.09.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.10.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.31" }, { "model": "freeflow print server 82.c5.24", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "nonstop server j06.06.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.3" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "nonstop server h06.24.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.5" }, { "model": "nonstop server h06.25", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "websphere ilog jrules", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1.1" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "nonstop server h06.15.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "conferencing standard edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "cms r17", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "java se sr11", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "call management system r", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "15" }, { "model": "interactive service manager web tier", "scope": "eq", "trust": 0.3, "vendor": "mercury", "version": "7.11" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2" }, { "model": "linux lts amd64", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "websphere cast iron cloud integration", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.0" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "hp-ux b.11.11", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "websphere cast iron cloud integration virtual applianc", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6" }, { "model": "nonstop server j06.07.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "linux enterprise server for vmware sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1.1" }, { "model": "nonstop server j06.08.04", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.08.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "freeflow print server 82.d1.44", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "aura system manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "linux enterprise server sp1 for vmware lt", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "java se sr1", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "nonstop server h06.15.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.24", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "ip office server edition", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.1" }, { "model": "tivoli netcool/omnibus fix pack", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.2.113" }, { "model": "nonstop server h06.16.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.18.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.20.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2" }, { "model": "call management system r16.3", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "freeflow print server 73.c5.11", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "voice portal sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "enterprise linux server supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "tivoli endpoint manager for remote control", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.3" }, { "model": "nonstop server j06.13.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "nonstop server h06.23", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "tivoli system automation for integrated operations management", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "2.1.1.4" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.3" }, { "model": "tivoli business service manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.3" }, { "model": "meeting exchange streaming server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "-6.0" }, { "model": "nonstop server h06.19.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "call management system r", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "16" }, { "model": "java sdk sr2", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.5" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.3" }, { "model": "enterprise linux workstation supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "servicecenter web tier", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "6.2.8" }, { "model": "nonstop server h06.22.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.8" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2" }, { "model": "tivoli netcool/omnibus", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.3" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "meeting exchange recording server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "-6.0" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.2" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.2.1" }, { "model": "nonstop server h06.19.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "interactive service manager web tier", "scope": "eq", "trust": 0.3, "vendor": "mercury", "version": "9.31" }, { "model": "websphere message broker", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.0.0.5" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.2" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.1" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2" }, { "model": "maximo asset management essentials", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.5" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1.1" }, { "model": "linux lts i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "12.04" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.2.1" }, { "model": "nonstop server j06.11.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.1" }, { "model": "freeflow print server 73.d4.31", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "nonstop server j06.15", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "tivoli business service manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1.1" }, { "model": "aura experience portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "freeflow print server 81.c3.31", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "nonstop server h06.21.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "tivoli business service manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "4.2.1" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.8" }, { "model": "nonstop server h06.20.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura presence services sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura presence services sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "tivoli netcool/omnibus fix pack", "scope": "ne", "trust": 0.3, "vendor": "ibm", "version": "7.41" }, { "model": "websphere operational decision management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "hp-ux b.11.31", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.1" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.4" }, { "model": "nonstop server j06.05.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "nonstop server j06.07.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2.2" }, { "model": "nonstop server h06.21.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server h06.19.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "freeflow print server 93.e0.21c", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.5" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1.4" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.2" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1.2" }, { "model": "linux i386", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "11.10" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.1" }, { "model": "nonstop server j06.11.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.26.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "linux enterprise server sp1 ltss", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "8.1" }, { "model": "messaging application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "linux enterprise java sp2", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "11" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1.2" }, { "model": "nonstop server j06.04.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "websphere cast iron cloud integration studio", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.3" }, { "model": "aura conferencing sp1 standard", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1.3" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "nonstop server j06.04.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server j06.06.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.0.1" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "mac os", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.6.8" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server h06.21.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5" }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53003.0" }, { "model": "nonstop server j06.06.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.2.4" }, { "model": "nonstop server h06.17.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "lotus notes", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "9.0" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "aura experience portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "lotus domino", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.5.1" }, { "model": "aura experience portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.5" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.3" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "cms r16", "scope": null, "trust": 0.3, "vendor": "avaya", "version": null }, { "model": "aura system manager sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "jdk 1.6.0 01-b06", "scope": null, "trust": 0.3, "vendor": "sun", "version": null }, { "model": "aura conferencing", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "nonstop server h06.20.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "conferencing standard edition", "scope": "ne", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "meeting exchange webportal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "-6.0" }, { "model": "nonstop server j06.10.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "websphere message broker", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "8.0.0.2" }, { "model": "nonstop server h06.17.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "enterprise linux hpc node supplementary", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "6" }, { "model": "enterprise linux desktop supplementary client", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "ubuntu", "version": "10.04" }, { "model": "maximo asset management", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.2" }, { "model": "nonstop server h06.16.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "message networking", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.4" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.0.9.8" }, { "model": "tivoli business service manager", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6.1" }, { "model": "nonstop server j06.05.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.3" }, { "model": "mac os server", "scope": "eq", "trust": 0.3, "vendor": "apple", "version": "x10.7" }, { "model": "linux enterprise java sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.1" }, { "model": "rational host on-demand", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "11.0" }, { "model": "java se sr12", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "6" }, { "model": "nonstop server h06.20.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "service manager p2", "scope": "ne", "trust": 0.3, "vendor": "hp", "version": "9.31.2004" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5" }, { "model": "websphere mq", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.11" }, { "model": "aura sip enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "3.0" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "nonstop server j06.09.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "proactive contact", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "4.0.1" }, { "model": "tivoli netcool/omnibus", "scope": "eq", "trust": 0.3, "vendor": "ibm", "version": "7.4" }, { "model": "nonstop server h06.17.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "freeflow print server 73.d2.33", "scope": null, "trust": 0.3, "vendor": "xerox", "version": null }, { "model": "nonstop server j06.08.03", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "aura conferencing standard", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "nonstop server j06.10.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "nonstop server h06.25.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.18.01", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53002.1" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "nonstop server h06.27", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "nonstop server h06.17.00", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "service manager", "scope": "eq", "trust": 0.3, "vendor": "hp", "version": "9.30" }, { "model": "nonstop server j06.14.02", "scope": null, "trust": 0.3, "vendor": "hp", "version": null }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" } ], "sources": [ { "db": "CERT/CC", "id": "VU#858729" }, { "db": "BID", "id": "57714" }, { "db": "CNNVD", "id": "CNNVD-201302-009" }, { "db": "NVD", "id": "CVE-2013-0419" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2013-0419" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Oracle", "sources": [ { "db": "BID", "id": "57714" } ], "trust": 0.3 }, "cve": "CVE-2013-0419", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 4.9, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2013-0419", "trust": 1.0, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201302-009", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-201302-009" }, { "db": "NVD", "id": "CVE-2013-0419" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than other CVEs listed in the February 2013 CPU. Java 7 Update 11, Java 6 Update 38, and earlier versions of Java contain vulnerabilities that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. \nThe vulnerability can be exploited over multiple protocols. This issue affects the \u0027Deployment\u0027 sub-component. \nThis vulnerability affects the following supported versions:\n7 Update 11 and prior, 6 Update 38 and prior, 5.0 Update 38 and prior\nNote: This issue was previously discussed in BID 57670 (Oracle Java Runtime Environment Multiple Security Vulnerabilities) but has been given its own record to better document it. In a typical operating environment, these are of low security risk as\nthe runtime is not used on untrusted applets. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6\nUpdate 13\n\nJava for OS X 2013-001 and Mac OS X v10.6 Update 13 is now available\nand addresses the following:\n\nJava\nAvailable for: OS X Lion v10.7 or later,\nOS X Lion Server v10.7 or later, OS X Mountain Lion 10.8 or later\nImpact: Multiple vulnerabilities in Java 1.6.0_37\nDescription: Multiple vulnerabilities existed in Java 1.6.0_37, the\nmost serious of which may allow an untrusted Java applet to execute\narbitrary code outside the Java sandbox. Visiting a web page\ncontaining a maliciously crafted untrusted Java applet may lead to\narbitrary code execution with the privileges of the current user. \nThese issues were addressed by updating to Java version 1.6.0_41. For\nMac OS X v10.6 systems, these issues were addressed in Java for Mac\nOS X v10.6 Update 13. Further information is available via the Java\nwebsite at http://www.oracle.com/technetwork/java/javase/\nreleasenotes-136954.html\nCVE-ID\nCVE-2012-3213\nCVE-2012-3342\nCVE-2013-0351\nCVE-2013-0409\nCVE-2013-0419\nCVE-2013-0423\nCVE-2013-0424\nCVE-2013-0425\nCVE-2013-0426\nCVE-2013-0427\nCVE-2013-0428\nCVE-2013-0429\nCVE-2013-0432\nCVE-2013-0433\nCVE-2013-0434\nCVE-2013-0435\nCVE-2013-0438\nCVE-2013-0440\nCVE-2013-0441\nCVE-2013-0442\nCVE-2013-0443\nCVE-2013-0445\nCVE-2013-0446\nCVE-2013-0450\nCVE-2013-1473\nCVE-2013-1475\nCVE-2013-1476\nCVE-2013-1478\nCVE-2013-1480\nCVE-2013-1481\n\nJava\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 or later, OS X Lion Server v10.7 or later,\nOS X Mountain Lion 10.8 or later\nImpact: Multiple vulnerabilities in Java\nDescription: Multiple vulnerabilities existed in Java, the most\nserious of which may allow an untrusted Java applet to execute\narbitrary code outside the Java sandbox. Visiting a web page\ncontaining a maliciously crafted untrusted Java applet may lead to\narbitrary code execution with the privileges of the current user. \nThese issues were addressed by updating to Java version 1.6.0_41. \nFurther information is available via the Java website at http://www.o\nracle.com/technetwork/java/javase/releasenotes-136954.html\nCVE-ID\nCVE-2013-1486\nCVE-2013-1487\nCVE-2013-1488\n\nMalware removal\nAvailable for: Mac OS X v10.6.8, Mac OS X Server v10.6.8,\nOS X Lion v10.7 or later, OS X Lion Server v10.7 or later,\nOS X Mountain Lion 10.8 or later\nDescription: This update runs a malware removal tool that will\nremove the most common variants of malware. If malware is found, it\npresents a dialog notifying the user that malware was removed. There\nis no indication to the user if malware is not found. \n\n\nJava for OS X 2013-001 and Java for Mac OS X 10.6 Update 13\nmay be obtained from the Software Update pane in System Preferences,\nMac App Store, or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nFor Mac OS X v10.6 systems\nThe download file is named: JavaForMacOSX10.6.Update13.dmg\nIts SHA-1 digest is: 5327984bc0b300c237fe69cecf69513624f56b0e\n\nFor OS X Lion and Mountain Lion systems\nThe download file is named: JavaForOSX2013-001.dmg\nIts SHA-1 digest is: 145d74354241cf2f567d2768bbd0a7185e7d308a\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.17 (Darwin)\nComment: GPGTools - http://gpgtools.org\n\niQIcBAEBAgAGBQJRI/A/AAoJEPefwLHPlZEwDp4QAKz9nfo397KaudpFDey26bsb\nGNR8HQ3Z5Ln0ArgwBcc2XabzIYXsjmY7nPdZgq1m0sWgFGWtfQ7qslRooUyNLOsB\nWUddu+hQYvPn3CJOZsaPfTA2mfK6Qk9LeyqzUUkZrRNltHnIFMO7uXLEIdrFdnnx\nexFMPjbIq+xM5UZgvd/2grtF4DaZHnbcK+t/tDwH09/hGRQ+l+3a/3FB2S1Av85c\nFSuiieyrz2NNnDwFCj5NeSFQuK7hr52TiSOEPYI2eiTepyBHrUy03wAe8uwIzQII\nRjkY3Nbc8AZt0Q6lq5TgsQbH+vrwVE07nty36uMKmE2vJXyOAIZjfrrwv9SetLwd\nQnU5NYMbeHAHmSN5JQfuvDxEfL15/7Jafw2noJGotdrMzs6XQACFIHKqLORdwNkp\nsltj3LwykpcyoCR8Dq7NPafqhp2wySaHX8DFSohcq1aa1w+SLDgPCZUAzknwokCL\nf/hVQzP6hD0uHP/2jsLjh5g6TgHmCRdR+CKCs7QZaYAUketelRX9YOcgcXzqf5sy\nEcbDvJ+rd3KsQ9gIByGwVhHD87NSZDJAyG0ROjMMS9w/7l7nhGxedzGzlyK3oNl/\nVpewgZ8FpUrvY80HOPz5XyFmX+HQoSnJ8er6OI5AvHBPn+Z1yHDLS5zpLeDD/wO9\nrmbzMJjZUnlCDXoLEVQ9\n=qlVo\n-----END PGP SIGNATURE-----\n. ============================================================================\nUbuntu Security Notice USN-1724-1\nFebruary 14, 2013\n\nopenjdk-6, openjdk-7 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n- Ubuntu 11.10\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in OpenJDK. \n\nSoftware Description:\n- openjdk-7: Open Source Java implementation\n- openjdk-6: Open Source Java implementation\n\nDetails:\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure and data integrity. An attacker could exploit these\nto cause a denial of service. (CVE-2012-1541, CVE-2012-3342, CVE-2013-0351,\nCVE-2013-0419, CVE-2013-0423, CVE-2013-0446, CVE-2012-3213, CVE-2013-0425,\nCVE-2013-0426, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0441,\nCVE-2013-0442, CVE-2013-0445, CVE-2013-0450, CVE-2013-1475, CVE-2013-1476,\nCVE-2013-1478, CVE-2013-1480)\n\nVulnerabilities were discovered in the OpenJDK JRE related to information\ndisclosure. (CVE-2013-0409, CVE-2013-0434, CVE-2013-0438)\n\nSeveral data integrity vulnerabilities were discovered in the OpenJDK JRE. \n(CVE-2013-0424, CVE-2013-0427, CVE-2013-0433, CVE-2013-1473)\n\nSeveral vulnerabilities were discovered in the OpenJDK JRE related to\ninformation disclosure and data integrity. (CVE-2013-0432, CVE-2013-0435,\nCVE-2013-0443)\n\nA vulnerability was discovered in the OpenJDK JRE related to availability. \nAn attacker could exploit this to cause a denial of service. \n(CVE-2013-0440)\n\nA vulnerability was discovered in the OpenJDK JRE related to information\ndisclosure and data integrity. An attacker could exploit this to cause a\ndenial of service. This issue only affected Ubuntu 12.10. (CVE-2013-0444)\n\nA data integrity vulnerability was discovered in the OpenJDK JRE. This\nissue only affected Ubuntu 12.10. (CVE-2013-0448)\n\nAn information disclosure vulnerability was discovered in the OpenJDK JRE. \nThis issue only affected Ubuntu 12.10. (CVE-2013-0449)\n\nA vulnerability was discovered in the OpenJDK JRE related to information\ndisclosure and data integrity. An attacker could exploit this to cause a\ndenial of service. (CVE-2013-1481)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.10:\n icedtea-7-jre-jamvm 7u13-2.3.6-0ubuntu0.12.10.1\n openjdk-7-jre 7u13-2.3.6-0ubuntu0.12.10.1\n openjdk-7-jre-headless 7u13-2.3.6-0ubuntu0.12.10.1\n openjdk-7-jre-lib 7u13-2.3.6-0ubuntu0.12.10.1\n openjdk-7-jre-zero 7u13-2.3.6-0ubuntu0.12.10.1\n\nUbuntu 12.04 LTS:\n icedtea-6-jre-cacao 6b27-1.12.1-2ubuntu0.12.04.2\n icedtea-6-jre-jamvm 6b27-1.12.1-2ubuntu0.12.04.2\n openjdk-6-jre 6b27-1.12.1-2ubuntu0.12.04.2\n openjdk-6-jre-headless 6b27-1.12.1-2ubuntu0.12.04.2\n openjdk-6-jre-lib 6b27-1.12.1-2ubuntu0.12.04.2\n openjdk-6-jre-zero 6b27-1.12.1-2ubuntu0.12.04.2\n\nUbuntu 11.10:\n icedtea-6-jre-cacao 6b27-1.12.1-2ubuntu0.11.10.2\n icedtea-6-jre-jamvm 6b27-1.12.1-2ubuntu0.11.10.2\n openjdk-6-jre 6b27-1.12.1-2ubuntu0.11.10.2\n openjdk-6-jre-headless 6b27-1.12.1-2ubuntu0.11.10.2\n openjdk-6-jre-lib 6b27-1.12.1-2ubuntu0.11.10.2\n openjdk-6-jre-zero 6b27-1.12.1-2ubuntu0.11.10.2\n\nUbuntu 10.04 LTS:\n icedtea-6-jre-cacao 6b27-1.12.1-2ubuntu0.10.04.2\n openjdk-6-jre 6b27-1.12.1-2ubuntu0.10.04.2\n openjdk-6-jre-headless 6b27-1.12.1-2ubuntu0.10.04.2\n openjdk-6-jre-lib 6b27-1.12.1-2ubuntu0.10.04.2\n openjdk-6-jre-zero 6b27-1.12.1-2ubuntu0.10.04.2\n\nThis update uses a new upstream release which includes additional bug\nfixes. After a standard system update you need to restart any Java\napplications or applets to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: java-1.6.0-sun security update\nAdvisory ID: RHSA-2013:0236-01\nProduct: Red Hat Enterprise Linux Extras\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-0236.html\nIssue date: 2013-02-04\nCVE Names: CVE-2012-1541 CVE-2012-3213 CVE-2012-3342 \n CVE-2013-0351 CVE-2013-0409 CVE-2013-0419 \n CVE-2013-0423 CVE-2013-0424 CVE-2013-0425 \n CVE-2013-0426 CVE-2013-0427 CVE-2013-0428 \n CVE-2013-0429 CVE-2013-0430 CVE-2013-0432 \n CVE-2013-0433 CVE-2013-0434 CVE-2013-0435 \n CVE-2013-0438 CVE-2013-0440 CVE-2013-0441 \n CVE-2013-0442 CVE-2013-0443 CVE-2013-0445 \n CVE-2013-0446 CVE-2013-0450 CVE-2013-1473 \n CVE-2013-1475 CVE-2013-1476 CVE-2013-1478 \n CVE-2013-1480 CVE-2013-1481 \n=====================================================================\n\n1. Summary:\n\nUpdated java-1.6.0-sun packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Desktop Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6) - x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 5) - i386, x86_64\nRed Hat Enterprise Linux Server Supplementary (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Workstation Supplementary (v. 6) - i386, x86_64\n\n3. \n(CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351, CVE-2013-0409,\nCVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426,\nCVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0430, CVE-2013-0432,\nCVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440,\nCVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446,\nCVE-2013-0450, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476, CVE-2013-1478,\nCVE-2013-1480, CVE-2013-1481)\n\nAll users of java-1.6.0-sun are advised to upgrade to these updated\npackages, which provide Oracle Java 6 Update 39. All running instances of\nOracle Java must be restarted for the update to take effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/knowledge/articles/11258\n\n5. Bugs fixed (http://bugzilla.redhat.com/):\n\n859140 - CVE-2013-0440 OpenJDK: CPU consumption DoS via repeated SSL ClientHello packets (JSSE, 7192393)\n860652 - CVE-2013-1475 OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50)\n906813 - CVE-2013-0424 OpenJDK: RMI CGIHandler XSS issue (RMI, 6563318)\n906892 - CVE-2013-0435 OpenJDK: com.sun.xml.internal.* not restricted packages (JAX-WS, 7201068)\n906894 - CVE-2013-1478 OpenJDK: image parser insufficient raster parameter checks (2D, 8001972)\n906899 - CVE-2013-0442 OpenJDK: insufficient privilege checking issue (AWT, 7192977)\n906900 - CVE-2013-0445 OpenJDK: insufficient privilege checking issue (AWT, 8001057)\n906904 - CVE-2013-1480 OpenJDK: image parser insufficient raster parameter checks (AWT, 8002325)\n906911 - CVE-2013-0450 OpenJDK: RequiredModelMBean missing access control context checks (JMX, 8000537)\n906914 - CVE-2012-1541 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906916 - CVE-2013-0446 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906917 - CVE-2012-3342 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906918 - CVE-2013-0419 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906921 - CVE-2013-0423 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906923 - CVE-2013-0351 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906930 - CVE-2013-0430 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Install)\n906933 - CVE-2013-1473 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n906935 - CVE-2013-0438 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Deployment)\n907207 - CVE-2013-0428 OpenJDK: reflection API incorrect checks for proxy classes (Libraries, 7197546, SE-2012-01 Issue 29)\n907219 - CVE-2013-0432 OpenJDK: insufficient clipboard access premission checks (AWT, 7186952)\n907223 - CVE-2012-3213 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (Scripting)\n907224 - CVE-2013-1481 Oracle JDK: unspecified vulnerability fixed in 6u39 (Sound)\n907226 - CVE-2013-0409 Oracle JDK: unspecified vulnerability fixed in 6u39 and 7u13 (JMX)\n907340 - CVE-2013-0443 OpenJDK: insufficient Diffie-Hellman public key checks (JSSE, 7192392)\n907344 - CVE-2013-0425 OpenJDK: logging insufficient access control checks (Libraries, 6664509)\n907346 - CVE-2013-0426 OpenJDK: logging insufficient access control checks (Libraries, 6664528)\n907453 - CVE-2013-0434 OpenJDK: loadPropertyFile missing restrictions (JAXP, 8001235)\n907455 - CVE-2013-0427 OpenJDK: invalid threads subject to interrupts (Libraries, 6776941)\n907456 - CVE-2013-0433 OpenJDK: InetSocketAddress serialization issue (Networking, 7201071)\n907457 - CVE-2013-1476 OpenJDK: missing ValueHandlerImpl class constructor access restriction (CORBA, 8000631)\n907458 - CVE-2013-0441 OpenJDK: missing serialization restriction (CORBA, 7201066)\n907460 - CVE-2013-0429 OpenJDK: PresentationManager incorrectly shared (CORBA, 7141694)\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 5):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 5):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.i586.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.4.el5_9.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Supplementary (v. 6):\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Supplementary (v. 6):\n\ni386:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.i686.rpm\n\nx86_64:\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-demo-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.i686.rpm\njava-1.6.0-sun-devel-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-jdbc-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-plugin-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\njava-1.6.0-sun-src-1.6.0.39-1jpp.1.el6_3.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2012-1541.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3213.html\nhttps://www.redhat.com/security/data/cve/CVE-2012-3342.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0351.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0409.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0419.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0423.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0424.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0425.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0426.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0427.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0428.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0429.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0430.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0432.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0433.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0434.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0435.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0438.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0440.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0441.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0442.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0443.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0445.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0446.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-0450.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1473.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1475.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1476.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1478.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1480.html\nhttps://www.redhat.com/security/data/cve/CVE-2013-1481.html\nhttps://access.redhat.com/security/updates/classification/#critical\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFREE7WXlSAg2UNWIIRAuWTAJ4g2iIk0XnUEpbIXz6nDgDjaHxz7ACbBcjy\ngqkoqFew2BZDYA/n817qYO8=\n=m5pJ\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. \nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nOracle Java Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA52064\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/52064/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52064\n\nRELEASE DATE:\n2013-02-02\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/52064/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/52064/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52064\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Oracle Java, which can\nbe exploited by malicious local users to gain escalated privileges and\nby malicious people to disclose certain sensitive information,\nmanipulate certain data, cause a DoS (Denial of Service), and\ncompromise a vulnerable system. \n\n1) An unspecified error in the 2D component of the client and server\ndeployment can be exploited to potentially execute arbitrary code. \n\n2) An unspecified error in the 2D component of the client and server\ndeployment can be exploited to potentially execute arbitrary code. \n\n3) An unspecified error in the AWT component of the client deployment\ncan be exploited to potentially execute arbitrary code. \n\n4) An unspecified error in the AWT component of the client deployment\ncan be exploited to potentially execute arbitrary code. \n\n5) An unspecified error in the AWT component of the client and server\ndeployment can be exploited to potentially execute arbitrary code. \n\n6) An unspecified error in the CORBA component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n7) An unspecified error in the CORBA component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n8) An unspecified error in the CORBA component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n9) An unspecified error in the Deployment component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n10) An unspecified error in the Deployment component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n11) An unspecified error in the Deployment component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n12) An unspecified error in the JMX component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n13) An unspecified error in the JavaFX component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n14) An unspecified error in the Libraries component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n15) An unspecified error in the Libraries component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n16) An unspecified error in the Libraries component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n17) An unspecified error in the Scripting component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n18) An unspecified error in the Sound component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n19) An unspecified error in the Beans component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n20) An unspecified error in the CORBA component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n21) An unspecified error in the Deployment component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n22) An unspecified error in the Deployment component of the client\ndeployment can be exploited to potentially execute arbitrary code. \n\n23) An unspecified error in the Deployment component of the client\ndeployment can be exploited to disclose and manipulate certain data\nand cause a DoS. \n\n24) An unspecified error in the Install component of the client\ndeployment can be exploited by a local user to gain escalated\nprivileges. \n\n25) An unspecified error in the AWT component of the client\ndeployment can be exploited to disclose and manipulate certain data. \n\n26) An unspecified error in the Deployment component of the client\ndeployment can be exploited to disclose certain data. \n\n27) An unspecified error in the Deployment component of the client\ndeployment can be exploited to manipulate certain data. \n\n28) An unspecified error in the JAX-WS component of the client\ndeployment can be exploited to disclose certain data. \n\n29) An unspecified error in the JAXP component of the client\ndeployment can be exploited to disclose certain data. \n\n30) An unspecified error in the JMX component of the client\ndeployment can be exploited to disclose certain data. \n\n31) An unspecified error in the JMX component of the client\ndeployment can be exploited to disclose certain data. \n\n32) An unspecified error in the Libraries component of the client\ndeployment can be exploited to manipulate certain data. \n\n33) An unspecified error in the Libraries component of the client\ndeployment can be exploited to manipulate certain data. \n\n34) An unspecified error in the Networking component of the client\ndeployment can be exploited to manipulate certain data. \n\n35) An unspecified error in the RMI component of the client\ndeployment can be exploited to manipulate certain data. \n\n36) An unspecified error in the JSSE component of the server\ndeployment can be exploited via SSL/TLS to cause a DoS. \n\n37) An unspecified error in the Deployment component of the client\ndeployment can be exploited to disclose certain data. \n\n38) An unspecified error in the JSSE component of the client\ndeployment can be exploited via SSL/TLS to disclose and manipulate\ncertain data. \n\nThe vulnerabilities are reported in the following products:\n* JDK and JRE 7 Update 11 and earlier. \n* JDK and JRE 6 Update 38 and earlier. \n* JDK and JRE 5.0 Update 38 and earlier. \n* SDK and JRE 1.4.2_40 and earlier. \n\nSOLUTION:\nApply updates. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nOne of the vulnerabilities is reported as a 0-day. It is currently\nunclear who reported the remaining vulnerabilities as the Oracle Jave\nSE Critical Patch Update for February 2013 only provides a bundled\nlist of credits. This section will be updated when/if the original\nreporter provides more information. \n\nORIGINAL ADVISORY:\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html\nhttp://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nNote: the current version of the following document is available here:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c03725347\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c03725347\nVersion: 1\n\nHPSBUX02864 SSRT101156 rev.1 - HP-UX Running Java, Remote Unauthorized\nAccess, Disclosure of Information, and Other Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nReferences: CVE-2012-1541, CVE-2012-3213, CVE-2012-3342, CVE-2013-0351,\nCVE-2013-0409, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425,\nCVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0429, CVE-2013-0432,\nCVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0438, CVE-2013-0440,\nCVE-2013-0441, CVE-2013-0442, CVE-2013-0443, CVE-2013-0445, CVE-2013-0446,\nCVE-2013-0450, CVE-2013-0809, CVE-2013-1473, CVE-2013-1475, CVE-2013-1476,\nCVE-2013-1478, CVE-2013-1480, CVE-2013-1481, CVE-2013-1493\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.17 and\nearlier\n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2012-1541 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-3213 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2012-3342 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0351 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5\nCVE-2013-0409 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-0419 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-0423 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-0424 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-0425 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0426 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0427 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-0428 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6\nCVE-2013-0432 (AV:N/AC:L/Au:N/C:P/I:P/A:N) 6.4\nCVE-2013-0433 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-0434 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-0435 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0\nCVE-2013-0438 (AV:N/AC:M/Au:N/C:P/I:N/A:N) 4.3\nCVE-2013-0440 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0\nCVE-2013-0441 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0442 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0443 (AV:N/AC:H/Au:N/C:P/I:P/A:N) 4.0\nCVE-2013-0445 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0446 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0450 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-0809 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1473 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0\nCVE-2013-1475 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1476 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1478 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1480 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1481 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\nCVE-2013-1493 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following Java version upgrade to resolve these\nvulnerabilities. \nThe upgrade is available from the following location\n\nhttp://www.hp.com/java\n\nOS Version\n Release Version\n\nHP-UX B.11.11, B.11.23, B.11.31\n JDK and JRE v6.0.18 or subsequent\n\nMANUAL ACTIONS: Yes - Update\nFor Java v6.0 update to Java v6.0.18 or subsequent\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application\nthat replaces HP-UX Security Patch Check. It analyzes all Security Bulletins\nissued by HP and lists recommended actions that may apply to a specific HP-UX\nsystem. It can also download patches and create a depot automatically. For\nmore information see https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\nHP-UX B.11.23\n===========\nJdk60.JDK60-COM\nJdk60.JDK60-PA20\nJdk60.JDK60-PA20W\nJre60.JRE60-COM\nJre60.JRE60-COM-DOC\nJre60.JRE60-PA20\nJre60.JRE60-PA20-HS\nJre60.JRE60-PA20W\nJre60.JRE60-PA20W-HS\nJdk60.JDK60-IPF32\nJdk60.JDK60-IPF64\nJre60.JRE60-COM\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\naction: install revision 1.6.0.18.00 or subsequent\n\nHP-UX B.11.23\nHP-UX B.11.31\n===========\nJdk60.JDK60-COM\nJdk60.JDK60-IPF32\nJdk60.JDK60-IPF64\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\nJre60.JRE60-COM\nJre60.JRE60-IPF32\nJre60.JRE60-IPF32-HS\nJre60.JRE60-IPF64\nJre60.JRE60-IPF64-HS\n\naction: install revision 1.6.0.18.00 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) - 3 April 2013 Initial release\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running HP software products should be applied in\naccordance with the customer\u0027s patch management policy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HP Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nReport: To report a potential security vulnerability with any HP supported\nproduct, send Email to: security-alert@hp.com\n\nSubscribe: To initiate a subscription to receive future HP Security Bulletin\nalerts via Email:\nhttp://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins\n\nSecurity Bulletin List: A list of HP Security Bulletins, updated\nperiodically, is contained in HP Security Notice HPSN-2011-001:\nhttps://h20566.www2.hp.com/portal/site/hpsc/public/kb/\ndocDisplay?docId=emr_na-c02964430\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here:\nhttp://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HP General Software\nHF = HP Hardware and Firmware\nMP = MPE/iX\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPI = Printing and Imaging\nPV = ProCurve\nST = Storage Software\nTU = Tru64 UNIX\nUX = HP-UX\n\nCopyright 2013 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors\nor omissions contained herein. The information provided is provided \"as is\"\nwithout warranty of any kind. To the extent permitted by law, neither HP or\nits affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits;damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. \nHewlett-Packard Company and the names of Hewlett-Packard products referenced\nherein are trademarks of Hewlett-Packard Company in the United States and\nother countries. Other product and company names mentioned herein may be\ntrademarks of their respective owners", "sources": [ { "db": "NVD", "id": "CVE-2013-0419" }, { "db": "CERT/CC", "id": "VU#858729" }, { "db": "BID", "id": "57714" }, { "db": "PACKETSTORM", "id": "123734" }, { "db": "PACKETSTORM", "id": "120419" }, { "db": "PACKETSTORM", "id": "120036" }, { "db": "PACKETSTORM", "id": "120334" }, { "db": "PACKETSTORM", "id": "120030" }, { "db": "PACKETSTORM", "id": "120009" }, { "db": "PACKETSTORM", "id": "121286" }, { "db": "PACKETSTORM", "id": "120031" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "CERT/CC", "id": "VU#858729", "trust": 2.7 }, { "db": "NVD", "id": "CVE-2013-0419", "trust": 2.6 }, { "db": "BID", "id": "57714", "trust": 1.9 }, { "db": "USCERT", "id": "TA13-032A", "trust": 1.6 }, { "db": "CNNVD", "id": "CNNVD-201302-009", "trust": 0.6 }, { "db": "ICS CERT", "id": "ICSA-17-213-02", "trust": 0.3 }, { "db": "PACKETSTORM", "id": "123734", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120419", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120036", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120334", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120030", "trust": 0.1 }, { "db": "SECUNIA", "id": "52064", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120009", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "121286", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "120031", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#858729" }, { "db": "BID", "id": "57714" }, { "db": "PACKETSTORM", "id": "123734" }, { "db": "PACKETSTORM", "id": "120419" }, { "db": "PACKETSTORM", "id": "120036" }, { "db": "PACKETSTORM", "id": "120334" }, { "db": "PACKETSTORM", "id": "120030" }, { "db": "PACKETSTORM", "id": "120009" }, { "db": "PACKETSTORM", "id": "121286" }, { "db": "PACKETSTORM", "id": "120031" }, { "db": "CNNVD", "id": "CNNVD-201302-009" }, { "db": "NVD", "id": "CVE-2013-0419" } ] }, "id": "VAR-201302-0132", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 1.0 }, "last_update_date": "2024-07-23T21:53:51.971000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "jre-7u13-windows-i586-iftw", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45164" }, { "title": "jre-6u39-linux-i586", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45168" }, { "title": "jre-6u39-solaris-sparcv9", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45172" }, { "title": "jre-6u39-linux-ia64", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45176" }, { "title": "jre-7u13-windows-x64", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45167" }, { "title": "jre-7u13-windows-i586", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45166" }, { "title": "jre-6u39-solaris-i586", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45170" }, { "title": "jre-6u39-windows-i586-iftw-k", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45174" }, { "title": "jre-7u13-windows-i586", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45165" }, { "title": "jre-6u39-linux-x64", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45169" }, { "title": "jre-6u39-solaris-x64", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45173" }, { "title": "jre-6u39-windows-ia64", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45177" }, { "title": "jre-7u13-solaris-sparcv9", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45163" }, { "title": "jre-6u39-solaris-sparc", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45171" }, { "title": "jre-6u39-windows-x64", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45175" }, { "title": "jre-7u13-solaris-sparc", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45162" } ], "sources": [ { "db": "CNNVD", "id": "CNNVD-201302-009" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 } ], "sources": [ { "db": "NVD", "id": "CVE-2013-0419" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html" }, { "trust": 1.9, "url": "http://www.kb.cert.org/vuls/id/858729" }, { "trust": 1.7, "url": "http://rhn.redhat.com/errata/rhsa-2013-1455.html" }, { "trust": 1.7, "url": "http://rhn.redhat.com/errata/rhsa-2013-0236.html" }, { "trust": 1.7, "url": "http://rhn.redhat.com/errata/rhsa-2013-0237.html" }, { "trust": 1.6, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19501" }, { "trust": 1.6, "url": "http://rhn.redhat.com/errata/rhsa-2013-1456.html" }, { "trust": 1.6, "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2" }, { "trust": 1.6, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19097" }, { "trust": 1.6, "url": "http://www.securityfocus.com/bid/57714" }, { "trust": 1.6, "url": "http://www.us-cert.gov/cas/techalerts/ta13-032a.html" }, { "trust": 1.6, "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2" }, { "trust": 1.6, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16247" }, { "trust": 1.6, "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2" }, { "trust": 0.9, "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html" }, { "trust": 0.8, "url": "http://taosecurity.blogspot.com/2012/11/do-devs-care-about-java-insecurity.html?showcomment=1353874245992#c4794680666510382012" }, { "trust": 0.8, "url": "http://codeascraft.etsy.com/2013/03/18/java-not-even-once/" }, { "trust": 0.8, "url": "http://blogs.technet.com/b/srd/archive/2013/05/29/java-when-you-cannot-let-go.aspx" }, { "trust": 0.6, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21650822" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0429" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3342" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0428" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0442" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0446" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0351" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0409" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0441" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0419" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3213" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0426" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0440" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0443" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0423" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0425" }, { "trust": 0.6, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0445" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0450" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1475" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0433" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0435" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0438" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0434" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0432" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0427" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0424" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1473" }, { "trust": 0.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-1541" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21650623" }, { "trust": 0.3, "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03748879" }, { "trust": 0.3, "url": "http://www.ibm.com/developerworks/java/jdk/alerts/" }, { "trust": 0.3, "url": "http://www.oracle.com/technetwork/java/index.html" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644918" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24033920" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24033922" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24031555" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034621" }, { "trust": 0.3, "url": "http://www.xerox.com/download/security/security-bulletin/1683f-4d960e4b16bb2/cert_xrx13-004_v1.01.pdf" }, { "trust": 0.3, "url": "http://www.xerox.com/download/security/security-bulletin/b2f13-4fbfcf66f7822/cert_xrx14-004_v1-01.pdf" }, { "trust": 0.3, "url": "http://support.apple.com/kb/ht5666" }, { "trust": 0.3, "url": "https://ics-cert.us-cert.gov/advisories/icsa-17-213-02" }, { "trust": 0.3, "url": "http://prod.lists.apple.com/archives/security-announce/2013/feb/msg00000.html" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100171276" }, { "trust": 0.3, "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c03748879" }, { "trust": 0.3, "url": "http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?docid=emr_na-c03909126-1" }, { "trust": 0.3, "url": "" }, { "trust": 0.3, "url": "http://h20566.www2.hp.com/portal/site/hpsc/template.page/public/kb/docdisplay/?javax.portlet.endcachetok=com.vignette.cachetoken\u0026javax.portlet.prp_ba847bafb2a2d782fcbb0710b053ce01=wsrp-navigationalsta" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21643544" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg24034507" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21634069" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635160" }, { "trust": 0.3, "url": "https://downloads.avaya.com/css/p8/documents/100169783" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633170" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21635864" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21643697" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642358" }, { "trust": 0.3, "url": "https://www-304.ibm.com/support/docview.wss?uid=swg21628927" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21628250" }, { "trust": 0.3, "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21633669" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-1476.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0428.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-1480.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0425.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0419.html" }, { "trust": 0.3, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0409.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0423.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0443.html" }, { "trust": 0.3, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0351.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0427.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0433.html" }, { "trust": 0.3, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2012-1541.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2012-3213.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0441.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0432.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0446.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0450.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-1473.html" }, { "trust": 0.3, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2012-3342.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0426.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0440.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0445.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0442.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0424.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0438.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-1478.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0435.html" }, { "trust": 0.3, "url": "https://www.redhat.com/security/data/cve/cve-2013-0434.html" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1478" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1476" }, { "trust": 0.3, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0430" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2013-1481.html" }, { "trust": 0.2, "url": "http://support.apple.com/kb/ht1222" }, { "trust": 0.2, "url": "http://www.apple.com/support/downloads/" }, { "trust": 0.2, "url": "https://www.apple.com/support/security/pgp/" }, { "trust": 0.2, "url": "http://www.o" }, { "trust": 0.2, "url": "http://gpgtools.org" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0444" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2013-0430.html" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2013-1475.html" }, { "trust": 0.2, "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2013-0429.html" }, { "trust": 0.2, "url": "https://access.redhat.com/knowledge/articles/11258" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2468.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-0873.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3548.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1540.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2463.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2446.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3521" }, { "trust": 0.1, "url": "https://access.redhat.com/site/articles/11258" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1500.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3556.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2419.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3563.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3546" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0401.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2444.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2454.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5089.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3551.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1722.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5079.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0497.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0500.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3389.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2422.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3561.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1721.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5081.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5071.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-0863.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1532.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-3216.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5069.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0499.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0862" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-0867.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5084.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0507.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2451.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3552.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0809.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1487.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-0814.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3547.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-4820.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3549" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0503.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1493.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1569.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5073.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3554.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-4823.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2435.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2456.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-3743.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3549.html" }, { "trust": 0.1, "url": "https://access.redhat.com/security/updates/classification/#low" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2407.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3553" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3516.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-0871.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3554" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2470.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5068.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-0868.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-4822.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0873" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-3159.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1557.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5075.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2471.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2429.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3548" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3521.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3551" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2443.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1713.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3547" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2457.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2412.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5072.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3553.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1718.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1537.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1717.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3545" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1531.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2432.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2447.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-0802.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2452.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-0865.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3516" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3545.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1491.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2464.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-0862.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1571.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2383.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2418.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3561" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3556" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0547.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1563.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2465.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2472.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2466.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2424.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2453.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3544.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0867" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2473.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2433.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2437.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1716.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0506.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-5083.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0501.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1533.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0869" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2450.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3560.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3550" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3557.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-3143.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1725.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0865" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0502.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2417.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2394.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2455.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0498.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1682.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2442.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2459.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2430.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3560" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3546.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0551.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3552" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3544" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-0869.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2448.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0863" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-1719.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-3550.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1486.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-5035.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3557" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2384.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0169.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2012-0505.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2469.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0871" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0868" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0802" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0814" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2420.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-2440.html" }, { "trust": 0.1, "url": "http://www.oracle.com/technetwork/java/javase/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1481" }, { "trust": 0.1, "url": "http://www.ubuntu.com/usn/usn-1724-1" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.1-2ubuntu0.12.04.2" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0448" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.1-2ubuntu0.10.04.2" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.1-2ubuntu0.11.10.2" }, { "trust": 0.1, "url": "https://launchpad.net/ubuntu/+source/openjdk-7/7u13-2.3.6-0ubuntu0.12.10.1" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-1480" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0449" }, { "trust": 0.1, "url": "http://secunia.com/advisories/52064/#comments" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=52064" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/52064/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/blog/325/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://www.hp.com/java" }, { "trust": 0.1, "url": "http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/" }, { "trust": 0.1, "url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins" }, { "trust": 0.1, "url": "https://www.hp.com/go/swa" }, { "trust": 0.1, "url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0809" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1489.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0431.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0448.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0437.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0437" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0444.html" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-1479.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2013-0431" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2013-0449.html" } ], "sources": [ { "db": "CERT/CC", "id": "VU#858729" }, { "db": "BID", "id": "57714" }, { "db": "PACKETSTORM", "id": "123734" }, { "db": "PACKETSTORM", "id": "120419" }, { "db": "PACKETSTORM", "id": "120036" }, { "db": "PACKETSTORM", "id": "120334" }, { "db": "PACKETSTORM", "id": "120030" }, { "db": "PACKETSTORM", "id": "120009" }, { "db": "PACKETSTORM", "id": "121286" }, { "db": "PACKETSTORM", "id": "120031" }, { "db": "CNNVD", "id": "CNNVD-201302-009" }, { "db": "NVD", "id": "CVE-2013-0419" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#858729" }, { "db": "BID", "id": "57714" }, { "db": "PACKETSTORM", "id": "123734" }, { "db": "PACKETSTORM", "id": "120419" }, { "db": "PACKETSTORM", "id": "120036" }, { "db": "PACKETSTORM", "id": "120334" }, { "db": "PACKETSTORM", "id": "120030" }, { "db": "PACKETSTORM", "id": "120009" }, { "db": "PACKETSTORM", "id": "121286" }, { "db": "PACKETSTORM", "id": "120031" }, { "db": "CNNVD", "id": "CNNVD-201302-009" }, { "db": "NVD", "id": "CVE-2013-0419" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-02-01T00:00:00", "db": "CERT/CC", "id": "VU#858729" }, { "date": "2013-02-01T00:00:00", "db": "BID", "id": "57714" }, { "date": "2013-10-23T22:57:57", "db": "PACKETSTORM", "id": "123734" }, { "date": "2013-02-20T19:22:22", "db": "PACKETSTORM", "id": "120419" }, { "date": "2013-02-02T19:22:22", "db": "PACKETSTORM", "id": "120036" }, { "date": "2013-02-15T05:00:41", "db": "PACKETSTORM", "id": "120334" }, { "date": "2013-02-05T01:09:08", "db": "PACKETSTORM", "id": "120030" }, { "date": "2013-02-04T10:48:27", "db": "PACKETSTORM", "id": "120009" }, { "date": "2013-04-12T00:36:44", "db": "PACKETSTORM", "id": "121286" }, { "date": "2013-02-05T01:09:24", "db": "PACKETSTORM", "id": "120031" }, { "date": "2013-02-04T00:00:00", "db": "CNNVD", "id": "CNNVD-201302-009" }, { "date": "2013-02-02T00:55:01.473000", "db": "NVD", "id": "CVE-2013-0419" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-06-14T00:00:00", "db": "CERT/CC", "id": "VU#858729" }, { "date": "2017-08-03T22:09:00", "db": "BID", "id": "57714" }, { "date": "2022-05-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201302-009" }, { "date": "2022-05-13T14:52:56.670000", "db": "NVD", "id": "CVE-2013-0419" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "121286" }, { "db": "CNNVD", "id": "CNNVD-201302-009" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Oracle Java contains multiple vulnerabilities", "sources": [ { "db": "CERT/CC", "id": "VU#858729" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unknown", "sources": [ { "db": "BID", "id": "57714" } ], "trust": 0.3 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.