CVSS: 5.0EPSS: 0%CPEs: 30EXPL: 0CVE-2013-2400 – JDK: unspecified vulnerability fixed in 7u25 (Deployment)
https://notcve.org/view.php?id=CVE-2013-2400
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-3744. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 21 y anteriores permite a atacantes remotos afectar a la integridad mediante vectores relacionados con Deployment, una vulnerabilidad diferente a CVE-2013-3744. • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://marc.info/?l=bugtraq&m=137545505800971&w=2 http://rhn.redhat.com/errata/RHSA-2013-0963.html http://rhn.redhat.com/errata/RHSA-2013-1060.html http://secunia.com/advisories/54154 http://www-01.ibm.com/support/docview.wss?uid=swg21642336 http://www-01.ibm.com/support/docview.wss?uid=swg21644197 http://www.oracle.com/tech •
CVSS: 6.9EPSS: 0%CPEs: 78EXPL: 0CVE-2013-2467
https://notcve.org/view.php?id=CVE-2013-2467
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 5.0 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Java installer. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE v5.0 Update 45 y anteriores permite a atacantes remotos afectar a la integridad, confidencialidad y disponibilidad mediante vectores relacionados con el instalador Java. • http://marc.info/?l=bugtraq&m=137545505800971&w=2 http://secunia.com/advisories/54154 http://www-01.ibm.com/support/docview.wss?uid=swg21644197 http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html http://www.us-cert.gov/ncas/alerts/TA13-169A https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19512 •
CVSS: 10.0EPSS: 94%CPEs: 188EXPL: 0CVE-2013-2471 – Oracle Java IntegerComponentRaster Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2471
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks." Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 21 y versiones anteriores, 6 Update 45 y versiones anteriores y 5.0 Update 45 y versiones anteriores y OpenJDK 7, permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con 2D. NOTA: la información previa es de Junio 2013 CPU. • http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/4c3d38927a26 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html http:/&#x •
CVSS: 4.3EPSS: 0%CPEs: 30EXPL: 0CVE-2013-2449 – OpenJDK: GnomeFileTypeDetector path access check (Libraries, 8004288)
https://notcve.org/view.php?id=CVE-2013-2449
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path. La vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Java SE versión 7 Update 21 y anteriores, y OpenJDK versión 7 de Oracle, permite a los atacantes remotos afectar a la confidencialidad por medio de vectores desconocidos relacionados con Libraries. NOTA: la información previa es de la CPU de junio de 2013. • http://advisories.mageia.org/MGASA-2013-0185.html http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b1a2b9ac9714 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://marc.info/?l=bugtraq&m=137545505800971&w=2 http://rhn.redhat.com/errata/RHSA-2013-0963.html http://rhn.redhat.com/errata/RHSA-2013-1060.html http://secunia.com/advisories/54154 http://security.gentoo.org/glsa/glsa-201406-32.xml http://www-01.ibm.com/support/docview.wss?uid& •
CVSS: 10.0EPSS: 88%CPEs: 188EXPL: 1CVE-2013-2470 – Oracle Java AWT Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2470
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing." Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Java SE versión 7 Update 21 y anteriores, versión 6 Update 45 y anteriores, y versión 5.0 Update 45 y anteriores, y OpenJDK versión 7 de Oracle, permite a los atacantes remotos afectar la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos relacionados con 2D. NOTA: la información previa es de la CPU de junio de 2013. • https://www.exploit-db.com/exploits/28050 http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/89d9ec9e80c1 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-se •