Vulnerability Details CVE-2013-1486
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.3%
CVSS Severity
CVSS v2 Score 10.0
References
- http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/
- http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html
- http://marc.info/?l=bugtraq&m=136439120408139&w=2
- http://marc.info/?l=bugtraq&m=136439120408139&w=2
- http://marc.info/?l=bugtraq&m=136733161405818&w=2
- http://marc.info/?l=bugtraq&m=136733161405818&w=2
- http://rhn.redhat.com/errata/RHSA-2013-1455.html
- http://rhn.redhat.com/errata/RHSA-2013-1456.html
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
- http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html
- http://www.securityfocus.com/bid/58029
- http://www.ubuntu.com/usn/USN-1735-1
- http://www.us-cert.gov/cas/techalerts/TA13-051A.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19402
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19469
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084
- http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/
- http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html
- http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html
- http://marc.info/?l=bugtraq&m=136439120408139&w=2
- http://marc.info/?l=bugtraq&m=136439120408139&w=2
- http://marc.info/?l=bugtraq&m=136733161405818&w=2
- http://marc.info/?l=bugtraq&m=136733161405818&w=2
- http://rhn.redhat.com/errata/RHSA-2013-1455.html
- http://rhn.redhat.com/errata/RHSA-2013-1456.html
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
- http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html
- http://www.securityfocus.com/bid/58029
- http://www.ubuntu.com/usn/USN-1735-1
- http://www.us-cert.gov/cas/techalerts/TA13-051A.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19402
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19469
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084
Products affected by CVE-2013-1486
-
cpe:2.3:a:oracle:jdk:1.5.0
-
cpe:2.3:a:oracle:jdk:1.6.0
-
cpe:2.3:a:oracle:jdk:1.7.0
-
cpe:2.3:a:oracle:jre:1.5.0
-
cpe:2.3:a:oracle:jre:1.6.0
-
cpe:2.3:a:oracle:jre:1.7.0
-
cpe:2.3:a:sun:jdk:1.5.0
-
cpe:2.3:a:sun:jdk:1.6.0
-
cpe:2.3:a:sun:jre:1.5.0
-
cpe:2.3:a:sun:jre:1.6.0