1. CVE-Search
  2. CVE-2013-2416
ID CVE-2013-2416
Summary Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 19-09-2017 - 01:36)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
oval via4
accepted 2013-06-03T04:02:58.086-04:00
class vulnerability
contributors
name Sergey Artykhov
organization ALTX-SOFT
definition_extensions
comment Java SE Runtime Environment 7 is installed
oval oval:org.mitre.oval:def:16050
description Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
family windows
id oval:org.mitre.oval:def:16464
status accepted
submitted 2013-04-17T10:26:26.748+04:00
title Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data.
version 5
redhat via4
advisories
rhsa
id RHSA-2013:0757
rpms
  • java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el5
  • java-1.7.0-oracle-1:1.7.0.21-1jpp.1.el6
  • java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el5
  • java-1.7.0-oracle-devel-1:1.7.0.21-1jpp.1.el6
  • java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el5
  • java-1.7.0-oracle-javafx-1:1.7.0.21-1jpp.1.el6
  • java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el5
  • java-1.7.0-oracle-jdbc-1:1.7.0.21-1jpp.1.el6
  • java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el5
  • java-1.7.0-oracle-plugin-1:1.7.0.21-1jpp.1.el6
  • java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el5
  • java-1.7.0-oracle-src-1:1.7.0.21-1jpp.1.el6
  • java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el5_9
  • java-1.7.0-ibm-1:1.7.0.4.2-1jpp.1.el6_4
  • java-1.7.0-ibm-demo-1:1.7.0.4.2-1jpp.1.el5_9
  • java-1.7.0-ibm-demo-1:1.7.0.4.2-1jpp.1.el6_4
  • java-1.7.0-ibm-devel-1:1.7.0.4.2-1jpp.1.el5_9
  • java-1.7.0-ibm-devel-1:1.7.0.4.2-1jpp.1.el6_4
  • java-1.7.0-ibm-jdbc-1:1.7.0.4.2-1jpp.1.el5_9
  • java-1.7.0-ibm-jdbc-1:1.7.0.4.2-1jpp.1.el6_4
  • java-1.7.0-ibm-plugin-1:1.7.0.4.2-1jpp.1.el5_9
  • java-1.7.0-ibm-plugin-1:1.7.0.4.2-1jpp.1.el6_4
  • java-1.7.0-ibm-src-1:1.7.0.4.2-1jpp.1.el5_9
  • java-1.7.0-ibm-src-1:1.7.0.4.2-1jpp.1.el6_4
refmap via4
cert TA13-107A
confirm http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
Last major update 19-09-2017 - 01:36
Published 17-04-2013 - 18:55
Last modified 19-09-2017 - 01:36
Back to Top