CVE-2013-5804

Published Oct 16, 2013

Last updated 3 years ago

Overview

Description
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, and JRockit R27.7.6 and earlier allows remote attackers to affect confidentiality and integrity via unknown vectors related to Javadoc.
Source
secalert_us@oracle.com
NVD status
Modified

Social media

Hype score
Not currently trending

Risk scores

CVSS 2.0

Type
Primary
Base score
6.4
Impact score
4.9
Exploitability score
10
Vector string
AV:N/AC:L/Au:N/C:P/I:P/A:N

Weaknesses

nvd@nist.gov
NVD-CWE-noinfo

Evaluator

Comment
Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html 'Applies to sites that run the Javadoc tool as a service and then host the resulting documentation. It is recommended that sites filter HTML where it is not explicitly allowed for javadocs.'
Impact
-
Solution
-

Configurations