CVE-2013-2465

Scores

EPSS

0.932high93.2%

0%20%40%60%80%100%

Percentile: 93.2%

CVSS

9.8critical3.x

0246810

CVSS Score: 9.8/10

All CVSS Scores

CVSS 3.x

9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS 2.0

6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to “Incorrect image channel verification” in 2D.

Scaner-VS 7 — a modern vulnerability management solution

Uses this database for vulnerability detection. High-speed search, cross-platform, advanced configuration audit, and flexible filtering. Suitable for organizations of any size.

Learn more about Scaner-VS 7

Sources

debiannvdredhat

CWEs

CWE-693

Exploits

Exploit ID: CVE-2013-2465

Source: cisa

URL: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Exploit ID: 27705

Source: exploitdb

URL: https://www.exploit-db.com/exploits/27705

Recommendations

Source: nvd

Before applying this update, make sure all previously released erratarelevant to your system have been applied.
This update is available via the Red Hat Network. Details on how touse the Red Hat Network to apply this update are available athttps://access.redhat.com/site/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2013-1081.html

Source: nvd

Before applying this update, make sure all previously-released erratarelevant to your system have been applied.
This update is available via the Red Hat Network. Details on how touse the Red Hat Network to apply this update are available athttps://access.redhat.com/knowledge/articles/11258

URL: http://rhn.redhat.com/errata/RHSA-2013-1060.html

Source: nvd

URL: http://rhn.redhat.com/errata/RHSA-2013-1059.html

Source: nvd

URL: http://rhn.redhat.com/errata/RHSA-2013-0963.html

Vulnerable Software (25)

Type: Configuration

Product: java-1.5.0-ibm

Operating System: rhel

Trait:

{  "fixed": "1.5.0.16.3-1jpp.1.el5_9"}

Source: redhat

Type: Configuration

Product: java-1.5.0-ibm

Operating System: rhel

Trait:

{  "fixed": "1.5.0.16.3-1jpp.1.el6_4"}

Source: redhat

Type: Configuration

Product: java-1.6.0-ibm

Operating System: rhel

Trait:

{  "fixed": "1.6.0.14.0-1jpp.1.el5_9"}

Source: redhat

Type: Configuration

Product: java-1.6.0-ibm

Operating System: rhel

Trait:

{  "fixed": "1.6.0.14.0-1jpp.1.el5_9"}

Source: redhat

Type: Configuration

Product: java-1.6.0-ibm

Operating System: rhel

Trait:

{  "fixed": "1.6.0.14.0-1jpp.1.el5_9"}

Source: redhat

Type: Configuration

Product: java-1.6.0-ibm

Operating System: rhel

Trait:

{  "fixed": "1.6.0.14.0-1jpp.1.el6_4"}

Source: redhat

Type: Configuration

Product: java-1.6.0-openjdk

Operating System: rhel 5

Trait:

{  "fixed": "1.6.0.0-1.41.1.11.11.90.el5_9"}

Source: redhat

Type: Configuration

Product: java-1.6.0-openjdk

Operating System: rhel 6

Trait:

{  "fixed": "1.6.0.0-1.62.1.11.11.90.el6_4"}

Source: redhat

Type: Configuration

Product: java-1.6.0-sun

Operating System: rhel

Trait:

{  "fixed": "1.6.0.75-1jpp.3.el5_10"}

Source: redhat

Type: Configuration

Product: java-1.6.0-sun

Operating System: rhel

Trait:

{  "fixed": "1.6.0.75-1jpp.1.el6_5"}

Source: redhat

Type: Configuration

Product: java-1.7.0-ibm

Operating System: rhel

Trait:

{  "fixed": "1.7.0.5.0-1jpp.2.el5_9"}

Source: redhat

Type: Configuration

Product: java-1.7.0-ibm

Operating System: rhel

Trait:

{  "fixed": "1.7.0.5.0-1jpp.2.el6_4"}

Source: redhat

Type: Configuration

Product: java-1.7.0-openjdk

Operating System: rhel 5

Trait:

{  "fixed": "1.7.0.25-2.3.10.4.el5_9"}

Source: redhat

Type: Configuration

Product: java-1.7.0-openjdk

Operating System: rhel 6

Trait:

{  "fixed": "1.7.0.25-2.3.10.3.el6_4"}

Source: redhat

Type: Configuration

Product: java-1.7.0-oracle

Operating System: rhel

Trait:

{  "fixed": "1.7.0.25-1jpp.1.el5_9"}

Source: redhat

Type: Configuration

Product: java-1.7.0-oracle

Operating System: rhel

Trait:

{  "fixed": "1.7.0.25-1jpp.1.el6_4"}

Source: redhat

Type: Configuration

Product: openjdk-6

Operating System: debian

Trait:

{  "fixed": "6b27-1.12.6-1"}

Source: debian

Type: Configuration

Product: openjdk-7

Operating System: debian

Trait:

{  "fixed": "7u25-2.3.10-1"}

Source: debian

Type: Configuration

Vendor: *

Product: jre

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",      "...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Type: Configuration

Vendor: *

Product: jre

Operating System: * * *

Trait:

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.5.0:-:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",      ...

{  "cpe_match": [    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.5.0:-:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.5.0:update39:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*",      "vulnerable": true    },    {      "cpe23uri": "cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*",      "vulnerable": true    }  ],  "operator": "OR"}

Source: nvd

Russian Vulnerability Scanner Database

CVE-2013-2465

Scores

EPSS

CVSS

All CVSS Scores

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact

Vector Breakdown

CVSS

Attack Vector

Attack Complexity

Authentication

Confidentiality Impact

Integrity Impact

Availability Impact

Description

Scaner-VS 7 — a modern vulnerability management solution

Sources

CWEs

Exploits

Recommendations

Vulnerable Software (25)