Vulnerability-Lookup

CERTA-2013-AVI-151

Vulnerability from certfr_avis - Published: 2013-02-26 - Updated: 2013-02-26

De multiples vulnérabilités ont été corrigées dans Hitachi Cosminexus. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
N/A	N/A	Hitachi Cosminexus version 6
N/A	N/A	Hitachi Cosminexus version 8
N/A	N/A	Hitachi Cosminexus version 5
N/A	N/A	Hitachi Cosminexus version 9
N/A	N/A	Hitachi Cosminexus version 7
N/A	N/A	Hitachi Cosminexus version 4
N/A	N/A	Hitachi Cosminexus version 6.7

References

Title

Publication Time

CVE-2013-1476 (GCVE-0-2013-1476)

Vulnerability from cvelistv5 – Published: 2013-02-02 00:00 – Updated: 2024-08-06 15:04

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via "certain value handler constructors."

Severity

No CVSS data available.

CWE

Assigner

oracle

References

30 references

URL	Tags
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/bid/57696	vdb-entryx_refsource_BID
http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisoryx_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://marc.info/?l=bugtraq&m=136570436423916&w=2	vendor-advisoryx_refsource_HP
http://www.us-cert.gov/cas/techalerts/TA13-032A.html	third-party-advisoryx_refsource_CERT
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2013-0236.html	vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisoryx_refsource_REDHAT
http://www.kb.cert.org/vuls/id/858729	third-party-advisoryx_refsource_CERT-VN
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2013-0237.html	vendor-advisoryx_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136439120408139&w=2	vendor-advisoryx_refsource_HP
http://rhn.redhat.com/errata/RHSA-2013-0247.html	vendor-advisoryx_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=136439120408139&w=2	vendor-advisoryx_refsource_HP
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://rhn.redhat.com/errata/RHSA-2013-0246.html	vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisoryx_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136570436423916&w=2	vendor-advisoryx_refsource_HP
http://rhn.redhat.com/errata/RHSA-2013-0245.html	vendor-advisoryx_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://icedtea.classpath.org/hg/release/icedtea6-…	x_refsource_CONFIRM
http://icedtea.classpath.org/hg/release/icedtea7-…	x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisoryx_refsource_HP
https://wiki.mageia.org/en/Support/Advisories/MGA…	x_refsource_CONFIRM

Date Public

2013-02-01 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:04:48.784Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:19466",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19466"
          },
          {
            "name": "57696",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57696"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "MDVSA-2013:095",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
          },
          {
            "name": "SSRT101156",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
          },
          {
            "name": "TA13-032A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907457"
          },
          {
            "name": "RHSA-2013:0236",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "VU#858729",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/858729"
          },
          {
            "name": "SUSE-SU-2013:0478",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
          },
          {
            "name": "RHSA-2013:0237",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
          },
          {
            "name": "HPSBUX02857",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
          },
          {
            "name": "RHSA-2013:0247",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html"
          },
          {
            "name": "HPSBMU02874",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "name": "SSRT101103",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2013:0312",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html"
          },
          {
            "name": "openSUSE-SU-2013:0377",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html"
          },
          {
            "name": "oval:org.mitre.oval:def:16652",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16652"
          },
          {
            "name": "oval:org.mitre.oval:def:19475",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19475"
          },
          {
            "name": "oval:org.mitre.oval:def:19507",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19507"
          },
          {
            "name": "RHSA-2013:0246",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "HPSBUX02864",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
          },
          {
            "name": "RHSA-2013:0245",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/rev/5116fe321210"
          },
          {
            "name": "SSRT101184",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475.  NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via \"certain value handler constructors.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:19466",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19466"
        },
        {
          "name": "57696",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57696"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "MDVSA-2013:095",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
        },
        {
          "name": "SSRT101156",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
        },
        {
          "name": "TA13-032A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907457"
        },
        {
          "name": "RHSA-2013:0236",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "VU#858729",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/858729"
        },
        {
          "name": "SUSE-SU-2013:0478",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
        },
        {
          "name": "RHSA-2013:0237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
        },
        {
          "name": "HPSBUX02857",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
        },
        {
          "name": "RHSA-2013:0247",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html"
        },
        {
          "name": "HPSBMU02874",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "name": "SSRT101103",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2013:0312",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html"
        },
        {
          "name": "openSUSE-SU-2013:0377",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html"
        },
        {
          "name": "oval:org.mitre.oval:def:16652",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16652"
        },
        {
          "name": "oval:org.mitre.oval:def:19475",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19475"
        },
        {
          "name": "oval:org.mitre.oval:def:19507",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19507"
        },
        {
          "name": "RHSA-2013:0246",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "HPSBUX02864",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
        },
        {
          "name": "RHSA-2013:0245",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/rev/5116fe321210"
        },
        {
          "name": "SSRT101184",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2013-1476",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2013-0441 and CVE-2013-1475.  NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass Java sandbox restrictions via \"certain value handler constructors.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:19466",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19466"
            },
            {
              "name": "57696",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57696"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "MDVSA-2013:095",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
            },
            {
              "name": "SSRT101156",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
            },
            {
              "name": "TA13-032A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
            },
            {
              "name": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907457",
              "refsource": "CONFIRM",
              "url": "http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907457"
            },
            {
              "name": "RHSA-2013:0236",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "VU#858729",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/858729"
            },
            {
              "name": "SUSE-SU-2013:0478",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
            },
            {
              "name": "RHSA-2013:0237",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
            },
            {
              "name": "HPSBUX02857",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
            },
            {
              "name": "RHSA-2013:0247",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html"
            },
            {
              "name": "HPSBMU02874",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "SSRT101103",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2013:0312",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html"
            },
            {
              "name": "openSUSE-SU-2013:0377",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html"
            },
            {
              "name": "oval:org.mitre.oval:def:16652",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16652"
            },
            {
              "name": "oval:org.mitre.oval:def:19475",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19475"
            },
            {
              "name": "oval:org.mitre.oval:def:19507",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19507"
            },
            {
              "name": "RHSA-2013:0246",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "HPSBUX02864",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
            },
            {
              "name": "RHSA-2013:0245",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
            },
            {
              "name": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS",
              "refsource": "CONFIRM",
              "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS"
            },
            {
              "name": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/rev/5116fe321210",
              "refsource": "CONFIRM",
              "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/corba/rev/5116fe321210"
            },
            {
              "name": "SSRT101184",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056",
              "refsource": "CONFIRM",
              "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2013-1476",
    "datePublished": "2013-02-02T00:00:00.000Z",
    "dateReserved": "2013-01-30T00:00:00.000Z",
    "dateUpdated": "2024-08-06T15:04:48.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-1478 (GCVE-0-2013-1478)

Vulnerability from cvelistv5 – Published: 2013-02-02 00:00 – Updated: 2024-08-06 15:04

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" that can trigger an integer overflow and memory corruption.

Severity

No CVSS data available.

CWE

Assigner

oracle

References

30 references

URL	Tags
https://bugzilla.redhat.com/show_bug.cgi?id=906894	x_refsource_CONFIRM
http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisoryx_refsource_GENTOO
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://marc.info/?l=bugtraq&m=136570436423916&w=2	vendor-advisoryx_refsource_HP
http://www.us-cert.gov/cas/techalerts/TA13-032A.html	third-party-advisoryx_refsource_CERT
http://icedtea.classpath.org/hg/release/icedtea7-…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2013-0236.html	vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisoryx_refsource_REDHAT
http://www.kb.cert.org/vuls/id/858729	third-party-advisoryx_refsource_CERT-VN
http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2013-0237.html	vendor-advisoryx_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136439120408139&w=2	vendor-advisoryx_refsource_HP
http://rhn.redhat.com/errata/RHSA-2013-0247.html	vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/57686	vdb-entryx_refsource_BID
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisoryx_refsource_HP
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://marc.info/?l=bugtraq&m=136439120408139&w=2	vendor-advisoryx_refsource_HP
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://rhn.redhat.com/errata/RHSA-2013-0246.html	vendor-advisoryx_refsource_REDHAT
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisoryx_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136570436423916&w=2	vendor-advisoryx_refsource_HP
http://rhn.redhat.com/errata/RHSA-2013-0245.html	vendor-advisoryx_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://icedtea.classpath.org/hg/release/icedtea6-…	x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisoryx_refsource_HP
https://wiki.mageia.org/en/Support/Advisories/MGA…	x_refsource_CONFIRM

Date Public

2013-02-01 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:04:48.678Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906894"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "MDVSA-2013:095",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
          },
          {
            "name": "SSRT101156",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
          },
          {
            "name": "TA13-032A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/d89bd26ac435"
          },
          {
            "name": "RHSA-2013:0236",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "VU#858729",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/858729"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645566"
          },
          {
            "name": "SUSE-SU-2013:0478",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
          },
          {
            "name": "RHSA-2013:0237",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
          },
          {
            "name": "HPSBUX02857",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
          },
          {
            "name": "RHSA-2013:0247",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html"
          },
          {
            "name": "57686",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57686"
          },
          {
            "name": "HPSBMU02874",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:15733",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15733"
          },
          {
            "name": "SSRT101103",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:19529",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19529"
          },
          {
            "name": "openSUSE-SU-2013:0377",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html"
          },
          {
            "name": "oval:org.mitre.oval:def:19454",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19454"
          },
          {
            "name": "RHSA-2013:0246",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html"
          },
          {
            "name": "oval:org.mitre.oval:def:19429",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19429"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "HPSBUX02864",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
          },
          {
            "name": "RHSA-2013:0245",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS"
          },
          {
            "name": "SSRT101184",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.  NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"insufficient validation of raster parameters\" that can trigger an integer overflow and memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906894"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "MDVSA-2013:095",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
        },
        {
          "name": "SSRT101156",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
        },
        {
          "name": "TA13-032A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/d89bd26ac435"
        },
        {
          "name": "RHSA-2013:0236",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "VU#858729",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/858729"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645566"
        },
        {
          "name": "SUSE-SU-2013:0478",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
        },
        {
          "name": "RHSA-2013:0237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
        },
        {
          "name": "HPSBUX02857",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
        },
        {
          "name": "RHSA-2013:0247",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html"
        },
        {
          "name": "57686",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57686"
        },
        {
          "name": "HPSBMU02874",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:15733",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15733"
        },
        {
          "name": "SSRT101103",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:19529",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19529"
        },
        {
          "name": "openSUSE-SU-2013:0377",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html"
        },
        {
          "name": "oval:org.mitre.oval:def:19454",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19454"
        },
        {
          "name": "RHSA-2013:0246",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html"
        },
        {
          "name": "oval:org.mitre.oval:def:19429",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19429"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "HPSBUX02864",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
        },
        {
          "name": "RHSA-2013:0245",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS"
        },
        {
          "name": "SSRT101184",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2013-1478",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.  NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"insufficient validation of raster parameters\" that can trigger an integer overflow and memory corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=906894",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906894"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "MDVSA-2013:095",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
            },
            {
              "name": "SSRT101156",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
            },
            {
              "name": "TA13-032A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
            },
            {
              "name": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/d89bd26ac435",
              "refsource": "CONFIRM",
              "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/d89bd26ac435"
            },
            {
              "name": "RHSA-2013:0236",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "VU#858729",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/858729"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21645566",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21645566"
            },
            {
              "name": "SUSE-SU-2013:0478",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
            },
            {
              "name": "RHSA-2013:0237",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
            },
            {
              "name": "HPSBUX02857",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
            },
            {
              "name": "RHSA-2013:0247",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html"
            },
            {
              "name": "57686",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57686"
            },
            {
              "name": "HPSBMU02874",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:15733",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15733"
            },
            {
              "name": "SSRT101103",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:19529",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19529"
            },
            {
              "name": "openSUSE-SU-2013:0377",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html"
            },
            {
              "name": "oval:org.mitre.oval:def:19454",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19454"
            },
            {
              "name": "RHSA-2013:0246",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html"
            },
            {
              "name": "oval:org.mitre.oval:def:19429",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19429"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "HPSBUX02864",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
            },
            {
              "name": "RHSA-2013:0245",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
            },
            {
              "name": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS",
              "refsource": "CONFIRM",
              "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS"
            },
            {
              "name": "SSRT101184",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056",
              "refsource": "CONFIRM",
              "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2013-1478",
    "datePublished": "2013-02-02T00:00:00.000Z",
    "dateReserved": "2013-01-30T00:00:00.000Z",
    "dateUpdated": "2024-08-06T15:04:48.678Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-1480 (GCVE-0-2013-1480)

Vulnerability from cvelistv5 – Published: 2013-02-02 00:00 – Updated: 2024-08-06 15:04

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient validation of raster parameters" in awt_parseImage.c, which triggers memory corruption.

Severity

No CVSS data available.

CWE

Assigner

oracle

References

29 references

URL	Tags
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisoryx_refsource_GENTOO
http://www.securityfocus.com/bid/57691	vdb-entryx_refsource_BID
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://icedtea.classpath.org/hg/release/icedtea7-…	x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=136570436423916&w=2	vendor-advisoryx_refsource_HP
http://www.us-cert.gov/cas/techalerts/TA13-032A.html	third-party-advisoryx_refsource_CERT
http://rhn.redhat.com/errata/RHSA-2013-0236.html	vendor-advisoryx_refsource_REDHAT
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisoryx_refsource_REDHAT
http://www.kb.cert.org/vuls/id/858729	third-party-advisoryx_refsource_CERT-VN
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2013-0237.html	vendor-advisoryx_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136439120408139&w=2	vendor-advisoryx_refsource_HP
http://rhn.redhat.com/errata/RHSA-2013-0247.html	vendor-advisoryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=906904	x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=136439120408139&w=2	vendor-advisoryx_refsource_HP
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2013-0246.html	vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisoryx_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136570436423916&w=2	vendor-advisoryx_refsource_HP
http://rhn.redhat.com/errata/RHSA-2013-0245.html	vendor-advisoryx_refsource_REDHAT
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://icedtea.classpath.org/hg/release/icedtea6-…	x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisoryx_refsource_HP
https://wiki.mageia.org/en/Support/Advisories/MGA…	x_refsource_CONFIRM

Date Public

2013-02-01 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:04:48.673Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "oval:org.mitre.oval:def:16045",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16045"
          },
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "57691",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57691"
          },
          {
            "name": "MDVSA-2013:095",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
          },
          {
            "name": "oval:org.mitre.oval:def:18845",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18845"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/50e268c1fb1f"
          },
          {
            "name": "SSRT101156",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
          },
          {
            "name": "TA13-032A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
          },
          {
            "name": "RHSA-2013:0236",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
          },
          {
            "name": "oval:org.mitre.oval:def:19351",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19351"
          },
          {
            "name": "oval:org.mitre.oval:def:19504",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19504"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "VU#858729",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/858729"
          },
          {
            "name": "SUSE-SU-2013:0478",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
          },
          {
            "name": "RHSA-2013:0237",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
          },
          {
            "name": "HPSBUX02857",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
          },
          {
            "name": "RHSA-2013:0247",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906904"
          },
          {
            "name": "HPSBMU02874",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "name": "SSRT101103",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2013:0377",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html"
          },
          {
            "name": "RHSA-2013:0246",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "HPSBUX02864",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
          },
          {
            "name": "RHSA-2013:0245",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS"
          },
          {
            "name": "SSRT101184",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.  NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"insufficient validation of raster parameters\" in awt_parseImage.c, which triggers memory corruption."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "oval:org.mitre.oval:def:16045",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16045"
        },
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "57691",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57691"
        },
        {
          "name": "MDVSA-2013:095",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
        },
        {
          "name": "oval:org.mitre.oval:def:18845",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18845"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/50e268c1fb1f"
        },
        {
          "name": "SSRT101156",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
        },
        {
          "name": "TA13-032A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
        },
        {
          "name": "RHSA-2013:0236",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
        },
        {
          "name": "oval:org.mitre.oval:def:19351",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19351"
        },
        {
          "name": "oval:org.mitre.oval:def:19504",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19504"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "VU#858729",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/858729"
        },
        {
          "name": "SUSE-SU-2013:0478",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
        },
        {
          "name": "RHSA-2013:0237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
        },
        {
          "name": "HPSBUX02857",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
        },
        {
          "name": "RHSA-2013:0247",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906904"
        },
        {
          "name": "HPSBMU02874",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "name": "SSRT101103",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2013:0377",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html"
        },
        {
          "name": "RHSA-2013:0246",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "HPSBUX02864",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
        },
        {
          "name": "RHSA-2013:0245",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS"
        },
        {
          "name": "SSRT101184",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2013-1480",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.  NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to \"insufficient validation of raster parameters\" in awt_parseImage.c, which triggers memory corruption."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "oval:org.mitre.oval:def:16045",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16045"
            },
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "57691",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57691"
            },
            {
              "name": "MDVSA-2013:095",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
            },
            {
              "name": "oval:org.mitre.oval:def:18845",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18845"
            },
            {
              "name": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/50e268c1fb1f",
              "refsource": "CONFIRM",
              "url": "http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/50e268c1fb1f"
            },
            {
              "name": "SSRT101156",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
            },
            {
              "name": "TA13-032A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
            },
            {
              "name": "RHSA-2013:0236",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
            },
            {
              "name": "oval:org.mitre.oval:def:19351",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19351"
            },
            {
              "name": "oval:org.mitre.oval:def:19504",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19504"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "VU#858729",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/858729"
            },
            {
              "name": "SUSE-SU-2013:0478",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
            },
            {
              "name": "RHSA-2013:0237",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0237.html"
            },
            {
              "name": "HPSBUX02857",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
            },
            {
              "name": "RHSA-2013:0247",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0247.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=906904",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=906904"
            },
            {
              "name": "HPSBMU02874",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "SSRT101103",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2013:0377",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html"
            },
            {
              "name": "RHSA-2013:0246",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0246.html"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "HPSBUX02864",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
            },
            {
              "name": "RHSA-2013:0245",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0245.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
            },
            {
              "name": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS",
              "refsource": "CONFIRM",
              "url": "http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS"
            },
            {
              "name": "SSRT101184",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056",
              "refsource": "CONFIRM",
              "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2013-1480",
    "datePublished": "2013-02-02T00:00:00.000Z",
    "dateReserved": "2013-01-30T00:00:00.000Z",
    "dateUpdated": "2024-08-06T15:04:48.673Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-1481 (GCVE-0-2013-1481)

Vulnerability from cvelistv5 – Published: 2013-02-02 00:00 – Updated: 2024-08-06 15:04

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound.

Severity

No CVSS data available.

CWE

Assigner

oracle

References

15 references

URL	Tags
http://marc.info/?l=bugtraq&m=136570436423916&w=2	vendor-advisoryx_refsource_HP
http://www.us-cert.gov/cas/techalerts/TA13-032A.html	third-party-advisoryx_refsource_CERT
http://rhn.redhat.com/errata/RHSA-2013-0236.html	vendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisoryx_refsource_REDHAT
http://www.kb.cert.org/vuls/id/858729	third-party-advisoryx_refsource_CERT-VN
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisoryx_refsource_HP
http://www.securityfocus.com/bid/57718	vdb-entryx_refsource_BID
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisoryx_refsource_REDHAT
http://marc.info/?l=bugtraq&m=136570436423916&w=2	vendor-advisoryx_refsource_HP
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisoryx_refsource_HP
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL

Date Public

2013-02-01 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:04:48.838Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SSRT101156",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
          },
          {
            "name": "TA13-032A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
          },
          {
            "name": "RHSA-2013:0236",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "VU#858729",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/858729"
          },
          {
            "name": "oval:org.mitre.oval:def:19170",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19170"
          },
          {
            "name": "SUSE-SU-2013:0478",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
          },
          {
            "name": "HPSBMU02874",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "name": "57718",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/57718"
          },
          {
            "name": "oval:org.mitre.oval:def:16430",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16430"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "HPSBUX02864",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
          },
          {
            "name": "SSRT101184",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:19268",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19268"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "SSRT101156",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
        },
        {
          "name": "TA13-032A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
        },
        {
          "name": "RHSA-2013:0236",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "VU#858729",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/858729"
        },
        {
          "name": "oval:org.mitre.oval:def:19170",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19170"
        },
        {
          "name": "SUSE-SU-2013:0478",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
        },
        {
          "name": "HPSBMU02874",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "name": "57718",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/57718"
        },
        {
          "name": "oval:org.mitre.oval:def:16430",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16430"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "HPSBUX02864",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
        },
        {
          "name": "SSRT101184",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:19268",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19268"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2013-1481",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SSRT101156",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
            },
            {
              "name": "TA13-032A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA13-032A.html"
            },
            {
              "name": "RHSA-2013:0236",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0236.html"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "VU#858729",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/858729"
            },
            {
              "name": "oval:org.mitre.oval:def:19170",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19170"
            },
            {
              "name": "SUSE-SU-2013:0478",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html"
            },
            {
              "name": "HPSBMU02874",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "57718",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/57718"
            },
            {
              "name": "oval:org.mitre.oval:def:16430",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16430"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "HPSBUX02864",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136570436423916\u0026w=2"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html"
            },
            {
              "name": "SSRT101184",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:19268",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19268"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2013-1481",
    "datePublished": "2013-02-02T00:00:00.000Z",
    "dateReserved": "2013-01-30T00:00:00.000Z",
    "dateUpdated": "2024-08-06T15:04:48.838Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2013-1486 (GCVE-0-2013-1486)

Vulnerability from cvelistv5 – Published: 2013-02-20 21:00 – Updated: 2024-08-06 15:04

Summary

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

Severity

No CVSS data available.

CWE

Assigner

oracle

References

19 references

URL	Tags
http://security.gentoo.org/glsa/glsa-201406-32.xml	vendor-advisoryx_refsource_GENTOO
http://www.us-cert.gov/cas/techalerts/TA13-051A.html	third-party-advisoryx_refsource_CERT
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://blog.fuseyism.com/index.php/2013/02/20/sec…	x_refsource_MISC
https://wiki.mageia.org/en/Support/Advisories/MGA…	x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2013-1455.html	vendor-advisoryx_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://www.ubuntu.com/usn/USN-1735-1	vendor-advisoryx_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=136439120408139&w=2	vendor-advisoryx_refsource_HP
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisoryx_refsource_HP
http://marc.info/?l=bugtraq&m=136439120408139&w=2	vendor-advisoryx_refsource_HP
http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2013-1456.html	vendor-advisoryx_refsource_REDHAT
https://oval.cisecurity.org/repository/search/def…	vdb-entrysignaturex_refsource_OVAL
http://www.securityfocus.com/bid/58029	vdb-entryx_refsource_BID
http://marc.info/?l=bugtraq&m=136733161405818&w=2	vendor-advisoryx_refsource_HP

Date Public

2013-02-19 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:04:48.838Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "GLSA-201406-32",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
          },
          {
            "name": "TA13-051A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA13-051A.html"
          },
          {
            "name": "MDVSA-2013:095",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html"
          },
          {
            "name": "openSUSE-SU-2013:0378",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html"
          },
          {
            "name": "RHSA-2013:1455",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
          },
          {
            "name": "SUSE-SU-2013:0328",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html"
          },
          {
            "name": "USN-1735-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1735-1"
          },
          {
            "name": "HPSBUX02857",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
          },
          {
            "name": "oval:org.mitre.oval:def:19402",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19402"
          },
          {
            "name": "HPSBMU02874",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          },
          {
            "name": "SSRT101103",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
          },
          {
            "name": "openSUSE-SU-2013:0375",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html"
          },
          {
            "name": "RHSA-2013:1456",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
          },
          {
            "name": "oval:org.mitre.oval:def:19469",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19469"
          },
          {
            "name": "58029",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/58029"
          },
          {
            "name": "SSRT101184",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-02-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-09-18T12:57:01.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "GLSA-201406-32",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
        },
        {
          "name": "TA13-051A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA13-051A.html"
        },
        {
          "name": "MDVSA-2013:095",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html"
        },
        {
          "name": "openSUSE-SU-2013:0378",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html"
        },
        {
          "name": "RHSA-2013:1455",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
        },
        {
          "name": "SUSE-SU-2013:0328",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html"
        },
        {
          "name": "USN-1735-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1735-1"
        },
        {
          "name": "HPSBUX02857",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
        },
        {
          "name": "oval:org.mitre.oval:def:19402",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19402"
        },
        {
          "name": "HPSBMU02874",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        },
        {
          "name": "SSRT101103",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
        },
        {
          "name": "openSUSE-SU-2013:0375",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html"
        },
        {
          "name": "RHSA-2013:1456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
        },
        {
          "name": "oval:org.mitre.oval:def:19469",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19469"
        },
        {
          "name": "58029",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/58029"
        },
        {
          "name": "SSRT101184",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2013-1486",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "GLSA-201406-32",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
            },
            {
              "name": "TA13-051A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA13-051A.html"
            },
            {
              "name": "MDVSA-2013:095",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:095"
            },
            {
              "name": "http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/",
              "refsource": "MISC",
              "url": "http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/"
            },
            {
              "name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084",
              "refsource": "CONFIRM",
              "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0084"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/javacpufeb2013update-1905892.html"
            },
            {
              "name": "openSUSE-SU-2013:0378",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html"
            },
            {
              "name": "RHSA-2013:1455",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
            },
            {
              "name": "SUSE-SU-2013:0328",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html"
            },
            {
              "name": "USN-1735-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1735-1"
            },
            {
              "name": "HPSBUX02857",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:19402",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19402"
            },
            {
              "name": "HPSBMU02874",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            },
            {
              "name": "SSRT101103",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136439120408139\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2013:0375",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html"
            },
            {
              "name": "RHSA-2013:1456",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
            },
            {
              "name": "oval:org.mitre.oval:def:19469",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19469"
            },
            {
              "name": "58029",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/58029"
            },
            {
              "name": "SSRT101184",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=136733161405818\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2013-1486",
    "datePublished": "2013-02-20T21:00:00.000Z",
    "dateReserved": "2013-01-30T00:00:00.000Z",
    "dateUpdated": "2024-08-06T15:04:48.838Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CERTA-2013-AVI-151

Solution

CVE-2013-1476 (GCVE-0-2013-1476)

CVE-2013-1478 (GCVE-0-2013-1478)

CVE-2013-1480 (GCVE-0-2013-1480)

CVE-2013-1481 (GCVE-0-2013-1481)

CVE-2013-1486 (GCVE-0-2013-1486)

Tags

Sightings

Nomenclature