V
Scaner-VS
ENRU
HomeCatalogSourcesCWECAPECATT&CKMitigationsProductsVendorsDocs
Back to catalog
CVE-2013-2471
ANC
Medium

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlie…

CVSS
6.8
Medium
EPSS
0.15
p96
Published
2013-01-01
Updated
2013-01-01
Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks."

Affected products
Java-1.5.0-ibmJava-1.5.0-ibmJava-1.6.0-ibmJava-1.6.0-ibmJava-1.6.0-ibmJava-1.6.0-ibmJava-1.6.0-openjdkJava-1.6.0-openjdkJava-1.6.0-sunJava-1.6.0-sunJava-1.7.0-ibmJava-1.7.0-ibmJava-1.7.0-openjdkJava-1.7.0-openjdkJava-1.7.0-oracleJava-1.7.0-oracleOpenjdk-6Openjdk-7
CVSS vector
AV:N/AC:M/Au:N/C:P/I:P/A:P
Timeline
2013-01-01
Published
2013-01-01
Updated
CVSS 3.1 breakdown
Attack Vector
AV: N
Network (N)
Attack Complexity
AC: M
Medium
Authentication
Au: N
None (N)
Confidentiality Impact
C: P
Partial
Integrity Impact
I: P
Partial
Availability Impact
A: P
Partial
Exploit indicators
EPSS
0.146 · p96
Known exploited (KEV)
No
Known exploits — Сканер-ВС
No Сканер-ВС checks registered for this vulnerability yet.
Affected products
Debian
Openjdk-6Openjdk-7
Red Hat
Java-1.6.0-sunJava-1.6.0-ibmJava-1.7.0-oracleJava-1.7.0-ibmJava-1.7.0-openjdkJava-1.5.0-ibmJava-1.6.0-openjdk
Oracle
JreJdkJava SeOpenjdk
Sun
JreJdkJava SeJavaOpenjdk
ProductVendorStatus
Tracked
Tracked
java-1.5.0-ibmTracked
java-1.5.0-ibmTracked
java-1.6.0-ibmTracked
java-1.6.0-ibmTracked
java-1.6.0-ibmTracked
java-1.6.0-ibmTracked
java-1.6.0-openjdkTracked
java-1.6.0-openjdkTracked
java-1.6.0-sunTracked
java-1.6.0-sunTracked
java-1.7.0-ibmTracked
java-1.7.0-ibmTracked
java-1.7.0-openjdkTracked
java-1.7.0-openjdkTracked
java-1.7.0-oracleTracked
java-1.7.0-oracleTracked
openjdk-6Tracked
openjdk-7Tracked
Showing first 20 of 26
Source databases
ANC
DEB
CVE
RED