CVE-2013-2461
Scores
EPSS
0.000none0.0%
0%20%40%60%80%100%
Percentile: 0.0%
CVSS
7.5high2.0
0246810
CVSS Score: 7.5/10
All CVSS Scores
CVSS 2.0
7.5Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
AV:N
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
AC:L
Authentication
None (N)
Describes the level of privileges an attacker must possess
Au:N
Confidentiality Impact
Partial
Measures the impact to the confidentiality of information
C:P
Integrity Impact
Partial
Measures the impact to integrity of a successfully exploited vulnerability
I:P
Availability Impact
Partial
Measures the impact to the availability of the impacted component
A:P
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a “Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm.”
Scaner-VS 7 — a modern vulnerability management solution
Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.
Learn more about Scaner-VS 7Sources
debiannvd
Vulnerable Software (7)
Type: Configuration
Product: openjdk-6
Operating System: debian
Trait:
{ "fixed": "6b27-1.12.6-1"}
Source: debian
Type: Configuration
Product: openjdk-7
Operating System: debian
Trait:
{ "fixed": "7u25-2.3.10-1"}
Source: debian
Type: Configuration
Vendor: oracle
Product: jdk
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: oracle
Product: jre
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: oracle
Product: jrockit
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*", "versionEndIncluding": "r27.7.5", "versionStartIncluding": "r27.7.1", "vulnerable": true },...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*", "versionEndIncluding": "r27.7.5", "versionStartIncluding": "r27.7.1", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*", "versionEndIncluding": "r28.2.7", "versionStartIncluding": "r28.0.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:openjdk:1.7.0:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: oracle
Product: openjdk
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*", "versionEndIncluding": "r27.7.5", "versionStartIncluding": "r27.7.1", "vulnerable": true },...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*", "versionEndIncluding": "r27.7.5", "versionStartIncluding": "r27.7.1", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*", "versionEndIncluding": "r28.2.7", "versionStartIncluding": "r28.0.0", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:openjdk:1.7.0:*:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd
Type: Configuration
Vendor: sun
Product: jdk
Operating System: * * *
Trait:
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*",...
{ "cpe_match": [ { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*", "vulnerable": true }, { "cpe23uri": "cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*", "vulnerable": true } ], "operator": "OR"}
Source: nvd