CVSS: 5.0EPSS: 9%CPEs: 198EXPL: 0CVE-2013-2444 – OpenJDK: Resource denial of service (AWT, 8001038)
https://notcve.org/view.php?id=CVE-2013-2444
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not "properly manage and restrict certain resources related to the processing of fonts," possibly involving temporary files. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Java SE versión 7 Update 21 y anteriores, versión 6 Update 45 y anteriores, y versión 5.0 Update 45 y anteriores; JavaFX versión 2.2.21 y anteriores; y OpenJDK versión 7 de Oracle, permite a los atacantes remotos afectar a la disponibilidad por medio de vectores relacionados con AWT. NOTA: la información previa es de la CPU de junio de 2013. • http://advisories.mageia.org/MGASA-2013-0185.html http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/09c14ca57ff0 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html http:/&#x •
CVSS: 6.8EPSS: 0%CPEs: 37EXPL: 0CVE-2013-1561 – JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)
https://notcve.org/view.php?id=CVE-2013-1561
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality via unknown vectors related to JavaFX. Vulnerabilidad no especificada en el componente Java Runtime Environment (JRE) en Oracle Java SE 7 Update 17 y anteriores, y en JavaFX 2.2.7 y anteriores, permite a atacantes remotos comprometer la confidencialidad a través de vectores no especificados que involucran a JavaFX. • http://rhn.redhat.com/errata/RHSA-2013-0757.html http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html http://www.us-cert.gov/ncas/alerts/TA13-107A https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16481 https://access.redhat.com/security/cve/CVE-2013-1561 https://bugzilla.redhat.com/show_bug.cgi?id=953135 •
CVSS: 7.6EPSS: 1%CPEs: 115EXPL: 0CVE-2013-1563 – JDK: unspecified vulnerability fixed in 7u21 and 6u45 (Install)
https://notcve.org/view.php?id=CVE-2013-1563
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. Vulnerabilidad no especificada en Java Runtime Environment (JRE) componente de Oracle Java SE v7 Update v17 y anteriores, v6 Update v43 y anteriores, y JavaFX v2.2.7 y anteriores, la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con "Install". • http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html http://marc.info/?l=bugtraq&m=137283787217316&w=2 http://rhn.redhat.com/errata/RHSA-2013-0757.html http://rhn.redhat.com/errata/RHSA-2013-0758.html http://rhn.redhat.com/errata/RHSA-2013-1455.html http://rhn.redhat.com/errata/RHSA-2013-1456.html http:/ •
CVSS: 6.8EPSS: 0%CPEs: 37EXPL: 0CVE-2013-1564 – JDK: multiple unspecified JavaFX vulnerabilities fixed in 7u21 (JavaFX)
https://notcve.org/view.php?id=CVE-2013-1564
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX. Vulnerabilidad no especificada en Java Runtime Environment (JRE) componente de Oracle Java SE v7 Update v17 y anteriores y JavaFX v2.2.7 y anteriores, permite a atacantes remotos afectar la integridad a través de vectores desconocidos relacionados con JavaFX. • http://rhn.redhat.com/errata/RHSA-2013-0757.html http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html http://www.us-cert.gov/ncas/alerts/TA13-107A https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16147 https://access.redhat.com/security/cve/CVE-2013-1564 https://bugzilla.redhat.com/show_bug.cgi?id=953135 •
CVSS: 9.3EPSS: 4%CPEs: 189EXPL: 0CVE-2013-2394 – Oracle Java t2k Type1 Subroutine Indexing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2013-2394
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2432 and CVE-2013-1491. Vulnerabilidad no especificada en Java Runtime Environment (JRE) componente de Oracle Java SE v7 Update v17 y anteriores, v6 Update v43 y anteriores, y v5.0 Update v41 y anteriores, y JavaFX v2.2.7 y anteriores, permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos relacionados con 2D, una vulnerabilidad diferente de CVE-2013-2432 y CVE-2013-1491. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Type1 fonts in t2k.dll. A file parsing vulnerability can occur by controlling a value placed after the "/Subrs" keyword in the eexec portion of the file which defines a size of an array. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880 http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html http://marc.info/?l=bugtraq&m=137283787217316&w=2 http://rhn.redhat.com/errata/RHSA-2013-0757.html http://rhn.redhat& •