CVSS: 9.8EPSS: 3%CPEs: 62EXPL: 0CVE-2013-3009 – JDK: Unspecified security fixes (July 2013)
https://notcve.org/view.php?id=CVE-2013-3009
23 Jul 2013 — The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the invoke method of the java.lang.reflect.Method class, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to the AccessController doPrivileged block. La clase com.ibm.CORBA.iiop.ClientDelegate en IBM Java 1.4.2 en vesiones anteriores a 1.4.2 SR13-FP18,... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html •
CVSS: 9.8EPSS: 7%CPEs: 62EXPL: 0CVE-2013-3011 – JDK: Unspecified security fixes (July 2013)
https://notcve.org/view.php?id=CVE-2013-3011
23 Jul 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3012. Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 1.4.2 anterior a 1.4.2 SR13-FP18, 5.0 anterior a 5.0 SR16-FP3, 6 anterior a 6 SR... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html •
CVSS: 9.8EPSS: 2%CPEs: 8EXPL: 0CVE-2013-3007 – JDK: Unspecified security fixes (July 2013)
https://notcve.org/view.php?id=CVE-2013-3007
23 Jul 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006. Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 6.0.1 anterior a 6.0.1 SR6, y 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a través de vectores no especifi... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html •
CVSS: 9.8EPSS: 7%CPEs: 62EXPL: 0CVE-2013-3012 – JDK: Unspecified security fixes (July 2013)
https://notcve.org/view.php?id=CVE-2013-3012
23 Jul 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011. Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 1.4.2 anterior a 1.4.2 SR13-FP18, 5.0 anterior a 5.0 SR16-FP3, 6 anterior a 6 SR... • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html •
CVSS: 9.8EPSS: 3%CPEs: 7EXPL: 0CVE-2013-3006 – JDK: Unspecified security fixes (July 2013)
https://notcve.org/view.php?id=CVE-2013-3006
23 Jul 2013 — Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008. Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a través de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3008. • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html •
CVSS: 7.1EPSS: 1%CPEs: 101EXPL: 1CVE-2013-4002 – OpenJDK: XML parsing Denial of Service (JAXP, 8017298)
https://notcve.org/view.php?id=CVE-2013-4002
23 Jul 2013 — XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute... • https://github.com/tafamace/CVE-2013-4002 • CWE-20: Improper Input Validation •