CVSS: 3.5EPSS: 0%CPEs: 227EXPL: 0CVE-2013-5797 – OpenJDK: insufficient escaping of window title string (Javadoc, 8016675)
https://notcve.org/view.php?id=CVE-2013-5797
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and JavaFX 2.2.40 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Javadoc. Vulnerablidad sin especificar en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y JavaFX 2.2.40 y anteriores permite la autenticación remota de usuarios con la correspondiente afección de integridad a través de vectores desconocidos relacionados con Javadoc. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html http://marc.info/?l=bugtraq&m=138674031212883&w=2 http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://rhn.redhat.com/errata/RHSA-2013-1440.html http://rhn.redhat.com/errata/RHSA-2013-1447. •
CVSS: 7.5EPSS: 10%CPEs: 216EXPL: 0CVE-2013-5802 – OpenJDK: javax.xml.transform.TransformerFactory does not properly honor XMLConstants.FEATURE_SECURE_PROCESSING (JAXP, 8012425)
https://notcve.org/view.php?id=CVE-2013-5802
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXP. Vulnerabilidad sin especificar en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la confidenciallidad, integridad y disponibilidad a través de vectores relacionados con JAXP. • http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1019130 http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html http://marc.info/?l=bugtraq&m=138674031212883&w=2 http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://rhn.redhat.com/errata/RHSA-20 •
CVSS: 2.6EPSS: 5%CPEs: 216EXPL: 0CVE-2013-5803 – OpenJDK: insufficient checks of KDC replies (JGSS, 8014341)
https://notcve.org/view.php?id=CVE-2013-5803
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via vectors related to JGSS. Vulnerabilidad sin especificar en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, and Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con JGSS. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html http://marc.info/?l=bugtraq&m=138674031212883&w=2 http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://rhn.redhat.com/errata/RHSA-2013-1440.html http://rhn.redhat.com/errata/RHSA-2013-1447. •
CVSS: 6.4EPSS: 0%CPEs: 199EXPL: 0CVE-2013-5804 – OpenJDK: javac does not ignore certain ignorable characters (Javadoc, 8016653)
https://notcve.org/view.php?id=CVE-2013-5804
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc. Vulnerabilidad no especificada en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, y JRockit R27.7.6 y anteriores que permite a atacantes remotos afectar la confidencialidad y la integridad a través de vectores desconocidos relacionados con Javadoc. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html http://marc.info/?l=bugtraq&m=138674031212883&w=2 http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://rhn.redhat.com/errata/RHSA-2013-1440.html http://rhn.redhat.com/errata/RHSA-2013-1447. •
CVSS: 5.0EPSS: 5%CPEs: 138EXPL: 0CVE-2013-5823 – OpenJDK: com.sun.org.apache.xml.internal.security.utils.UnsyncByteArrayOutputStream Denial of Service (Security, 8021290)
https://notcve.org/view.php?id=CVE-2013-5823
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect availability via unknown vectors related to Security. Vulnerabilidad no especificada en Oracle Java SE y anteriores, Java SE 6u60 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, y Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la disponibilidad a través de vectores relacionados con Security. • http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html http://marc.info/?l=bugtraq&m=138674031212883&w=2 http://marc.info/?l=bugtraq&m=138674073720143&w=2 http://rhn.redhat.com/errata/RHSA-2013-1440.html http://rhn.redhat.com/errata/RHSA-2013-1447. •