CVE-2013-2449
Published Jun 18, 2013
Last updated 7 years ago
Overview
- Description
- Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path.
- Source
- secalert_us@oracle.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.3
- Impact score
- 2.9
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Evaluator
- Comment
- Per: http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html 'Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.'
- Impact
- -
- Solution
- -
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jre:*:update21:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "42F9C9BD-C6F4-4E9B-B5BE-A776259B5A3F",
"versionEndIncluding": "1.7.0"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:*:update21:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E84798AA-D2D0-49C7-BB4D-A331E5FDCF49",
"versionEndIncluding": "1.7.0"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1"
}
],
"operator": "OR"
}
]
}
]