Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-2416 — Oracle JDK vulnerability

6 documents6 sources

Severity

4.3MEDIUMNVD

EPSS

37.6%

top 2.79%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Oracle JDK Oracle JRE

Timeline

PublishedApr 17

Latest updateMay 17

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDoracle/jdk1.7.0+1

▶NVDoracle/jre1.7.0+1

🔴Vulnerability Details

GHSA

GHSA-jqx5-64jc-mg47: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect↗2022-05-17

▶

VulnCheck

Oracle Java SE 7 Update 17 and earlier Java Runtime Environment (JRE) Vulnerability↗2013

▶

💥Exploits & PoCs

Exploit-DB

Java Web Start Launcher ActiveX Control - Memory Corruption↗2013-04-18

▶

📋Vendor Advisories

Red Hat

JDK: unspecified vulnerability fixed in 7u21 (Deployment)↗2013-04-16

▶

💬Community

Bugzilla

CVE-2013-2416 Oracle JDK: unspecified vulnerability fixed in 7u21 (Deployment)↗2013-04-17

▶