CVE-2013-2443Oracle JDK vulnerability

9 documents6 sources
Severity
5.0MEDIUMNVD
EPSS
3.9%
top 11.78%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Oracle JDKOracle JRESUN JDK+1 more
Timeline
PublishedJun 18
Latest updateMay 14

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2452 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect "che

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages4 packages

NVDoracle/jdk1.7.0+5
NVDoracle/jre1.7.0+5
NVDsun/jdk1.5.0, 1.6.0+1
NVDsun/jre1.5.0, 1.6.0+1

🔴Vulnerability Details

2
GHSA
GHSA-x452-rm6w-q6xw: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 52022-05-14
CVEList
CVE-2013-2443: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 52013-06-18

📋Vendor Advisories

5
Ubuntu
OpenJDK 6 vulnerabilities2013-07-23
Ubuntu
OpenJDK 7 vulnerabilities2013-07-16
Red Hat
OpenJDK: AccessControlContext check order issue (Libraries, 8001330)2013-06-18
Red Hat
OpenJDK: Unique VMIDs (Libraries, 8001033)2013-06-18
Red Hat
OpenJDK: getEnclosing* checks (Libraries, 8007812)2013-06-18

💬Community

1
Bugzilla
CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330)2013-06-17
CVE-2013-2443 — Oracle JDK vulnerability | cvebase