Sign-up

ID

VAR-201306-0238


CVE

CVE-2013-2461


TITLE

Oracle Java SE of Java Runtime Environment In Libraries Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2013-003058

DESCRIPTION

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier; the Oracle JRockit component in Oracle Fusion Middleware R27.7.5 and earlier and R28.2.7 and earlier; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June and July 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass verification of XML signatures via vectors related to a "Missing check for [a] valid DOMCanonicalizationMethod canonicalization algorithm.". (DoS) An attack may be carried out. The vulnerability can be exploited over multiple protocols. This issue affects the 'Libraries' sub-component. This vulnerability affects the following supported versions: 7 Update 21 , 6 Update 45. This updates IcedTea6 to version 1.11.12, which fixes these issues, as well as several other bugs. Additionally, this OpenJDK update causes icedtea-web, the Java browser plugin, to crash, so icedtea-web has been patched to fix this. The verification of md5 checksums and GPG signatures is performed automatically for you. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFR47+cmqjQ0CJFipgRAmnTAJ4lalit4V4VWsSE6KHeem9qtHb+9gCgmJ/U GUelRnMi6Rq7d9NhnTCwrlg= =rErU -----END PGP SIGNATURE----- . For the stable distribution (wheezy), these problems have been fixed in version 7u25-2.3.10-1~deb7u1. In addition icedtea-web needed to be updated to 1.4-3~deb7u1. For the unstable distribution (sid), these problems have been fixed in version 7u25-2.3.10-1. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: Oracle JRE/JDK: Multiple vulnerabilities Date: January 27, 2014 Bugs: #404071, #421073, #433094, #438706, #451206, #455174, #458444, #460360, #466212, #473830, #473980, #488210, #498148 ID: 201401-30 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in the Oracle JRE/JDK, allowing attackers to cause unspecified impact. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-java/sun-jdk <= 1.6.0.45 Vulnerable! 2 dev-java/oracle-jdk-bin < 1.7.0.51 >= 1.7.0.51 * 3 dev-java/sun-jre-bin <= 1.6.0.45 Vulnerable! 4 dev-java/oracle-jre-bin < 1.7.0.51 >= 1.7.0.51 * 5 app-emulation/emul-linux-x86-java < 1.7.0.51 >= 1.7.0.51 * ------------------------------------------------------------------- NOTE: Certain packages are still vulnerable. Users should migrate to another package if one is available or wait for the existing packages to be marked stable by their architecture maintainers. ------------------------------------------------------------------- NOTE: Packages marked with asterisks require manual intervention! ------------------------------------------------------------------- 5 affected packages Description =========== Multiple vulnerabilities have been reported in the Oracle Java implementation. Please review the CVE identifiers referenced below for details. Workaround ========== There is no known workaround at this time. Resolution ========== All Oracle JDK 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jdk-bin-1.7.0.51" All Oracle JRE 1.7 users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot -v ">=dev-java/oracle-jre-bin-1.7.0.51" All users of the precompiled 32-bit Oracle JRE should upgrade to the latest version: # emerge --sync # emerge -a -1 -v ">=app-emulation/emul-linux-x86-java-1.7.0.51" All Sun Microsystems JDK/JRE 1.6 users are suggested to upgrade to one of the newer Oracle packages like dev-java/oracle-jdk-bin or dev-java/oracle-jre-bin or choose another alternative we provide; eg. the IBM JDK/JRE or the open source IcedTea. References ========== [ 1 ] CVE-2011-3563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3563 [ 2 ] CVE-2011-5035 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-5035 [ 3 ] CVE-2012-0497 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0497 [ 4 ] CVE-2012-0498 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0498 [ 5 ] CVE-2012-0499 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0499 [ 6 ] CVE-2012-0500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0500 [ 7 ] CVE-2012-0501 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0501 [ 8 ] CVE-2012-0502 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0502 [ 9 ] CVE-2012-0503 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0503 [ 10 ] CVE-2012-0504 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0504 [ 11 ] CVE-2012-0505 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0505 [ 12 ] CVE-2012-0506 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0506 [ 13 ] CVE-2012-0507 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0507 [ 14 ] CVE-2012-0547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0547 [ 15 ] CVE-2012-1531 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1531 [ 16 ] CVE-2012-1532 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1532 [ 17 ] CVE-2012-1533 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1533 [ 18 ] CVE-2012-1541 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1541 [ 19 ] CVE-2012-1682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1682 [ 20 ] CVE-2012-1711 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1711 [ 21 ] CVE-2012-1713 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1713 [ 22 ] CVE-2012-1716 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1716 [ 23 ] CVE-2012-1717 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1717 [ 24 ] CVE-2012-1718 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1718 [ 25 ] CVE-2012-1719 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1719 [ 26 ] CVE-2012-1721 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1721 [ 27 ] CVE-2012-1722 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1722 [ 28 ] CVE-2012-1723 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1723 [ 29 ] CVE-2012-1724 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1724 [ 30 ] CVE-2012-1725 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1725 [ 31 ] CVE-2012-1726 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1726 [ 32 ] CVE-2012-3136 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3136 [ 33 ] CVE-2012-3143 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3143 [ 34 ] CVE-2012-3159 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3159 [ 35 ] CVE-2012-3174 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3174 [ 36 ] CVE-2012-3213 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3213 [ 37 ] CVE-2012-3216 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3216 [ 38 ] CVE-2012-3342 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3342 [ 39 ] CVE-2012-4416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4416 [ 40 ] CVE-2012-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4681 [ 41 ] CVE-2012-5067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5067 [ 42 ] CVE-2012-5068 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5068 [ 43 ] CVE-2012-5069 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5069 [ 44 ] CVE-2012-5070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5070 [ 45 ] CVE-2012-5071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5071 [ 46 ] CVE-2012-5072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5072 [ 47 ] CVE-2012-5073 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5073 [ 48 ] CVE-2012-5074 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5074 [ 49 ] CVE-2012-5075 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5075 [ 50 ] CVE-2012-5076 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5076 [ 51 ] CVE-2012-5077 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5077 [ 52 ] CVE-2012-5079 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5079 [ 53 ] CVE-2012-5081 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5081 [ 54 ] CVE-2012-5083 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5083 [ 55 ] CVE-2012-5084 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5084 [ 56 ] CVE-2012-5085 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5085 [ 57 ] CVE-2012-5086 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5086 [ 58 ] CVE-2012-5087 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5087 [ 59 ] CVE-2012-5088 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5088 [ 60 ] CVE-2012-5089 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5089 [ 61 ] CVE-2013-0169 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0169 [ 62 ] CVE-2013-0351 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0351 [ 63 ] CVE-2013-0401 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0401 [ 64 ] CVE-2013-0402 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0402 [ 65 ] CVE-2013-0409 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0409 [ 66 ] CVE-2013-0419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0419 [ 67 ] CVE-2013-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0422 [ 68 ] CVE-2013-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0423 [ 69 ] CVE-2013-0430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0430 [ 70 ] CVE-2013-0437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0437 [ 71 ] CVE-2013-0438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0438 [ 72 ] CVE-2013-0445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0445 [ 73 ] CVE-2013-0446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0446 [ 74 ] CVE-2013-0448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0448 [ 75 ] CVE-2013-0449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0449 [ 76 ] CVE-2013-0809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0809 [ 77 ] CVE-2013-1473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1473 [ 78 ] CVE-2013-1479 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1479 [ 79 ] CVE-2013-1481 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1481 [ 80 ] CVE-2013-1484 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1484 [ 81 ] CVE-2013-1485 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1485 [ 82 ] CVE-2013-1486 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1486 [ 83 ] CVE-2013-1487 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1487 [ 84 ] CVE-2013-1488 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1488 [ 85 ] CVE-2013-1491 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1491 [ 86 ] CVE-2013-1493 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1493 [ 87 ] CVE-2013-1500 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1500 [ 88 ] CVE-2013-1518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1518 [ 89 ] CVE-2013-1537 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1537 [ 90 ] CVE-2013-1540 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1540 [ 91 ] CVE-2013-1557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1557 [ 92 ] CVE-2013-1558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1558 [ 93 ] CVE-2013-1561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1561 [ 94 ] CVE-2013-1563 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1563 [ 95 ] CVE-2013-1564 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1564 [ 96 ] CVE-2013-1569 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1569 [ 97 ] CVE-2013-1571 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1571 [ 98 ] CVE-2013-2383 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2383 [ 99 ] CVE-2013-2384 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2384 [ 100 ] CVE-2013-2394 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2394 [ 101 ] CVE-2013-2400 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2400 [ 102 ] CVE-2013-2407 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2407 [ 103 ] CVE-2013-2412 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2412 [ 104 ] CVE-2013-2414 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2414 [ 105 ] CVE-2013-2415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2415 [ 106 ] CVE-2013-2416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2416 [ 107 ] CVE-2013-2417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2417 [ 108 ] CVE-2013-2418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2418 [ 109 ] CVE-2013-2419 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2419 [ 110 ] CVE-2013-2420 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2420 [ 111 ] CVE-2013-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2421 [ 112 ] CVE-2013-2422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2422 [ 113 ] CVE-2013-2423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2423 [ 114 ] CVE-2013-2424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2424 [ 115 ] CVE-2013-2425 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2425 [ 116 ] CVE-2013-2426 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2426 [ 117 ] CVE-2013-2427 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2427 [ 118 ] CVE-2013-2428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2428 [ 119 ] CVE-2013-2429 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2429 [ 120 ] CVE-2013-2430 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2430 [ 121 ] CVE-2013-2431 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2431 [ 122 ] CVE-2013-2432 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2432 [ 123 ] CVE-2013-2433 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2433 [ 124 ] CVE-2013-2434 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2434 [ 125 ] CVE-2013-2435 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2435 [ 126 ] CVE-2013-2436 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2436 [ 127 ] CVE-2013-2437 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2437 [ 128 ] CVE-2013-2438 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2438 [ 129 ] CVE-2013-2439 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2439 [ 130 ] CVE-2013-2440 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2440 [ 131 ] CVE-2013-2442 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2442 [ 132 ] CVE-2013-2443 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2443 [ 133 ] CVE-2013-2444 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2444 [ 134 ] CVE-2013-2445 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2445 [ 135 ] CVE-2013-2446 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2446 [ 136 ] CVE-2013-2447 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2447 [ 137 ] CVE-2013-2448 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2448 [ 138 ] CVE-2013-2449 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2449 [ 139 ] CVE-2013-2450 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2450 [ 140 ] CVE-2013-2451 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2451 [ 141 ] CVE-2013-2452 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2452 [ 142 ] CVE-2013-2453 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2453 [ 143 ] CVE-2013-2454 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2454 [ 144 ] CVE-2013-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2455 [ 145 ] CVE-2013-2456 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2456 [ 146 ] CVE-2013-2457 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2457 [ 147 ] CVE-2013-2458 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2458 [ 148 ] CVE-2013-2459 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2459 [ 149 ] CVE-2013-2460 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2460 [ 150 ] CVE-2013-2461 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2461 [ 151 ] CVE-2013-2462 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2462 [ 152 ] CVE-2013-2463 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2463 [ 153 ] CVE-2013-2464 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2464 [ 154 ] CVE-2013-2465 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2465 [ 155 ] CVE-2013-2466 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2466 [ 156 ] CVE-2013-2467 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2467 [ 157 ] CVE-2013-2468 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2468 [ 158 ] CVE-2013-2469 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2469 [ 159 ] CVE-2013-2470 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2470 [ 160 ] CVE-2013-2471 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2471 [ 161 ] CVE-2013-2472 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2472 [ 162 ] CVE-2013-2473 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2473 [ 163 ] CVE-2013-3743 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3743 [ 164 ] CVE-2013-3744 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3744 [ 165 ] CVE-2013-3829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-3829 [ 166 ] CVE-2013-5772 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5772 [ 167 ] CVE-2013-5774 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5774 [ 168 ] CVE-2013-5775 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5775 [ 169 ] CVE-2013-5776 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5776 [ 170 ] CVE-2013-5777 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5777 [ 171 ] CVE-2013-5778 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5778 [ 172 ] CVE-2013-5780 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5780 [ 173 ] CVE-2013-5782 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5782 [ 174 ] CVE-2013-5783 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5783 [ 175 ] CVE-2013-5784 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5784 [ 176 ] CVE-2013-5787 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5787 [ 177 ] CVE-2013-5788 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5788 [ 178 ] CVE-2013-5789 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5789 [ 179 ] CVE-2013-5790 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5790 [ 180 ] CVE-2013-5797 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5797 [ 181 ] CVE-2013-5800 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5800 [ 182 ] CVE-2013-5801 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5801 [ 183 ] CVE-2013-5802 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5802 [ 184 ] CVE-2013-5803 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5803 [ 185 ] CVE-2013-5804 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5804 [ 186 ] CVE-2013-5805 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5805 [ 187 ] CVE-2013-5806 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5806 [ 188 ] CVE-2013-5809 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5809 [ 189 ] CVE-2013-5810 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5810 [ 190 ] CVE-2013-5812 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5812 [ 191 ] CVE-2013-5814 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5814 [ 192 ] CVE-2013-5817 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5817 [ 193 ] CVE-2013-5818 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5818 [ 194 ] CVE-2013-5819 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5819 [ 195 ] CVE-2013-5820 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5820 [ 196 ] CVE-2013-5823 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5823 [ 197 ] CVE-2013-5824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5824 [ 198 ] CVE-2013-5825 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5825 [ 199 ] CVE-2013-5829 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5829 [ 200 ] CVE-2013-5830 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5830 [ 201 ] CVE-2013-5831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5831 [ 202 ] CVE-2013-5832 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5832 [ 203 ] CVE-2013-5838 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5838 [ 204 ] CVE-2013-5840 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5840 [ 205 ] CVE-2013-5842 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5842 [ 206 ] CVE-2013-5843 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5843 [ 207 ] CVE-2013-5844 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5844 [ 208 ] CVE-2013-5846 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5846 [ 209 ] CVE-2013-5848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5848 [ 210 ] CVE-2013-5849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5849 [ 211 ] CVE-2013-5850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5850 [ 212 ] CVE-2013-5851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5851 [ 213 ] CVE-2013-5852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5852 [ 214 ] CVE-2013-5854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5854 [ 215 ] CVE-2013-5870 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5870 [ 216 ] CVE-2013-5878 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5878 [ 217 ] CVE-2013-5887 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5887 [ 218 ] CVE-2013-5888 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5888 [ 219 ] CVE-2013-5889 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5889 [ 220 ] CVE-2013-5893 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5893 [ 221 ] CVE-2013-5895 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5895 [ 222 ] CVE-2013-5896 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5896 [ 223 ] CVE-2013-5898 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5898 [ 224 ] CVE-2013-5899 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5899 [ 225 ] CVE-2013-5902 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5902 [ 226 ] CVE-2013-5904 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5904 [ 227 ] CVE-2013-5905 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5905 [ 228 ] CVE-2013-5906 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5906 [ 229 ] CVE-2013-5907 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5907 [ 230 ] CVE-2013-5910 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-5910 [ 231 ] CVE-2014-0368 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0368 [ 232 ] CVE-2014-0373 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0373 [ 233 ] CVE-2014-0375 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0375 [ 234 ] CVE-2014-0376 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0376 [ 235 ] CVE-2014-0382 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0382 [ 236 ] CVE-2014-0385 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0385 [ 237 ] CVE-2014-0387 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0387 [ 238 ] CVE-2014-0403 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0403 [ 239 ] CVE-2014-0408 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0408 [ 240 ] CVE-2014-0410 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0410 [ 241 ] CVE-2014-0411 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0411 [ 242 ] CVE-2014-0415 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0415 [ 243 ] CVE-2014-0416 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0416 [ 244 ] CVE-2014-0417 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0417 [ 245 ] CVE-2014-0418 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0418 [ 246 ] CVE-2014-0422 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0422 [ 247 ] CVE-2014-0423 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0423 [ 248 ] CVE-2014-0424 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0424 [ 249 ] CVE-2014-0428 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0428 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: http://security.gentoo.org/glsa/glsa-201401-30.xml Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2014 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. ============================================================================ Ubuntu Security Notice USN-1907-2 July 16, 2013 icedtea-web update ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 13.04 - Ubuntu 12.10 - Ubuntu 12.04 LTS Summary: IcedTea Web updated to work with new OpenJDK 7. Software Description: - icedtea-web: A web browser plugin to execute Java applets Details: USN-1907-1 fixed vulnerabilities in OpenJDK 7. Due to upstream changes, IcedTea Web needed an update to work with the new OpenJDK 7. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. (CVE-2013-1500, CVE-2013-2454, CVE-2013-2458) A vulnerability was discovered in the OpenJDK Javadoc related to data integrity. (CVE-2013-1571) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and availability. (CVE-2013-2412, CVE-2013-2443, CVE-2013-2446, CVE-2013-2447, CVE-2013-2449, CVE-2013-2452, CVE-2013-2456) Several vulnerabilities were discovered in the OpenJDK JRE related to availability. (CVE-2013-2448, CVE-2013-2451, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473) Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2013-2453, CVE-2013-2455, CVE-2013-2457) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 13.04: icedtea-netx 1.3.2-1ubuntu1.1 Ubuntu 12.10: icedtea-netx 1.3.2-1ubuntu0.12.10.2 Ubuntu 12.04 LTS: icedtea-netx 1.2.3-0ubuntu0.12.04.3 After a standard system update you need to restart your browser to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03874547 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03874547 Version: 1 HPSBUX02908 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2013-07-31 Last Updated: 2013-07-31 Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v6.0.19 and earlier. BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2013-1500 (AV:L/AC:L/Au:N/C:P/I:P/A:N) 3.6 CVE-2013-1571 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-2407 (AV:N/AC:L/Au:N/C:P/I:N/A:P) 6.4 CVE-2013-2412 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2433 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-2437 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2442 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-2444 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2445 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2013-2446 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2447 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2448 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2450 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2451 (AV:L/AC:H/Au:N/C:P/I:P/A:P) 3.7 CVE-2013-2452 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2453 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-2454 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2013-2455 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2456 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2457 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-2459 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2461 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 7.5 CVE-2013-2463 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2464 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2465 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2466 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2468 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2469 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2470 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2471 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2472 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2473 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-3743 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location http://www.hp.com/java OS Version Release Version HP-UX B.11.11, B.11.23, B.11.31 JDK and JRE v6.0.20 or subsequent MANUAL ACTIONS: Yes - Update For Java v6.0 update to Java v6.0.20 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.11 HP-UX B.11.23 =========== Jdk60.JDK60-COM Jdk60.JDK60-PA20 Jdk60.JDK60-PA20W Jre60.JRE60-COM Jre60.JRE60-COM-DOC Jre60.JRE60-PA20 Jre60.JRE60-PA20-HS Jre60.JRE60-PA20W Jre60.JRE60-PA20W-HS Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.20.00 or subsequent HP-UX B.11.23 HP-UX B.11.31 =========== Jdk60.JDK60-COM Jdk60.JDK60-IPF32 Jdk60.JDK60-IPF64 Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS Jre60.JRE60-COM Jre60.JRE60-IPF32 Jre60.JRE60-IPF32-HS Jre60.JRE60-IPF64 Jre60.JRE60-IPF64-HS action: install revision 1.6.0.20.00 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 31 July 2013 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID: RHSA-2013:0957-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0957.html Issue date: 2013-06-19 CVE Names: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 ===================================================================== 1. Summary: Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 3. Description: These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469) Integer overflow flaws were found in the way AWT processed certain input. An attacker could use these flaws to execute arbitrary code with the privileges of the user running an untrusted Java applet or application. (CVE-2013-2459) Multiple improper permission check issues were discovered in the Sound, JDBC, Libraries, JMX, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-2448, CVE-2013-2454, CVE-2013-2458, CVE-2013-2457, CVE-2013-2453, CVE-2013-2460) Multiple flaws in the Serialization, Networking, Libraries and CORBA components can be exploited by an untrusted Java application or applet to gain access to potentially sensitive information. (CVE-2013-2456, CVE-2013-2447, CVE-2013-2455, CVE-2013-2452, CVE-2013-2443, CVE-2013-2446) It was discovered that the Hotspot component did not properly handle out-of-memory errors. An untrusted Java application or applet could possibly use these flaws to terminate the Java Virtual Machine. (CVE-2013-2445) It was discovered that the AWT component did not properly manage certain resources and that the ObjectStreamClass of the Serialization component did not properly handle circular references. An untrusted Java application or applet could possibly use these flaws to cause a denial of service. (CVE-2013-2444, CVE-2013-2450) It was discovered that the Libraries component contained certain errors related to XML security and the class loader. A remote attacker could possibly exploit these flaws to bypass intended security mechanisms or disclose potentially sensitive information and cause a denial of service. (CVE-2013-2407, CVE-2013-2461) It was discovered that JConsole did not properly inform the user when establishing an SSL connection failed. An attacker could exploit this flaw to gain access to potentially sensitive information. (CVE-2013-2412) It was discovered that GnomeFileTypeDetector did not check for read permissions when accessing files. An untrusted Java application or applet could possibly use this flaw to disclose potentially sensitive information. (CVE-2013-2449) It was found that documentation generated by Javadoc was vulnerable to a frame injection attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web content being displayed next to the documentation. This could be used to perform a phishing attack by providing frame content that spoofed a login form on the site hosting the vulnerable documentation. (CVE-2013-1571) It was discovered that the 2D component created shared memory segments with insecure permissions. A local attacker could use this flaw to read or write to the shared memory segment. (CVE-2013-1500) Red Hat would like to thank Tim Brown for reporting CVE-2013-1500, and US-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the original reporter of CVE-2013-1571. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. After installing this update, users of icedtea-web must install RHBA-2013:0959 for icedtea-web to continue functioning. This erratum also upgrades the OpenJDK package to IcedTea7 2.3.10. Refer to the NEWS file, linked to in the References, for further information. 4. Solution: All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 973474 - CVE-2013-1571 OpenJDK: Frame injection in generated HTML (Javadoc, 8012375) 975099 - CVE-2013-2470 OpenJDK: ImagingLib byte lookup processing (2D, 8011243) 975102 - CVE-2013-2471 OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248) 975107 - CVE-2013-2472 OpenJDK: Incorrect ShortBandedRaster size checks (2D, 8011253) 975110 - CVE-2013-2473 OpenJDK: Incorrect ByteBandedRaster size checks (2D, 8011257) 975115 - CVE-2013-2463 OpenJDK: Incorrect image attribute verification (2D, 8012438) 975118 - CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597) 975120 - CVE-2013-2469 OpenJDK: Incorrect image layout verification (2D, 8012601) 975121 - CVE-2013-2459 OpenJDK: Various AWT integer overflow checks (AWT, 8009071) 975122 - CVE-2013-2460 OpenJDK: tracing insufficient access checks (Serviceability, 8010209) 975124 - CVE-2013-2445 OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805) 975125 - CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328) 975126 - CVE-2013-2461 OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281) 975127 - CVE-2013-2407 OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744) 975129 - CVE-2013-2454 OpenJDK: SerialJavaObject package restriction (JDBC, 8009554) 975130 - CVE-2013-2458 OpenJDK: Method handles (Libraries, 8009424) 975131 - CVE-2013-2444 OpenJDK: Resource denial of service (AWT, 8001038) 975132 - CVE-2013-2446 OpenJDK: output stream access restrictions (CORBA, 8000642) 975133 - CVE-2013-2457 OpenJDK: Proper class checking (JMX, 8008120) 975134 - CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124) 975137 - CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330) 975138 - CVE-2013-2452 OpenJDK: Unique VMIDs(Libraries, 8001033) 975139 - CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812) 975140 - CVE-2013-2447 OpenJDK: Prevent revealing the local address (Networking, 8001318) 975141 - CVE-2013-2450 OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638) 975142 - CVE-2013-2456 OpenJDK: ObjectOutputStream access checks (Serialization, 8008132) 975144 - CVE-2013-2412 OpenJDK: JConsole SSL support (Serviceability, 8003703) 975145 - CVE-2013-2449 OpenJDK: GnomeFileTypeDetector path access check(Libraries, 8004288) 975148 - CVE-2013-1500 OpenJDK: Insecure shared memory permissions (2D, 8001034) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2013-1500.html https://www.redhat.com/security/data/cve/CVE-2013-1571.html https://www.redhat.com/security/data/cve/CVE-2013-2407.html https://www.redhat.com/security/data/cve/CVE-2013-2412.html https://www.redhat.com/security/data/cve/CVE-2013-2443.html https://www.redhat.com/security/data/cve/CVE-2013-2444.html https://www.redhat.com/security/data/cve/CVE-2013-2445.html https://www.redhat.com/security/data/cve/CVE-2013-2446.html https://www.redhat.com/security/data/cve/CVE-2013-2447.html https://www.redhat.com/security/data/cve/CVE-2013-2448.html https://www.redhat.com/security/data/cve/CVE-2013-2449.html https://www.redhat.com/security/data/cve/CVE-2013-2450.html https://www.redhat.com/security/data/cve/CVE-2013-2452.html https://www.redhat.com/security/data/cve/CVE-2013-2453.html https://www.redhat.com/security/data/cve/CVE-2013-2454.html https://www.redhat.com/security/data/cve/CVE-2013-2455.html https://www.redhat.com/security/data/cve/CVE-2013-2456.html https://www.redhat.com/security/data/cve/CVE-2013-2457.html https://www.redhat.com/security/data/cve/CVE-2013-2458.html https://www.redhat.com/security/data/cve/CVE-2013-2459.html https://www.redhat.com/security/data/cve/CVE-2013-2460.html https://www.redhat.com/security/data/cve/CVE-2013-2461.html https://www.redhat.com/security/data/cve/CVE-2013-2463.html https://www.redhat.com/security/data/cve/CVE-2013-2465.html https://www.redhat.com/security/data/cve/CVE-2013-2469.html https://www.redhat.com/security/data/cve/CVE-2013-2470.html https://www.redhat.com/security/data/cve/CVE-2013-2471.html https://www.redhat.com/security/data/cve/CVE-2013-2472.html https://www.redhat.com/security/data/cve/CVE-2013-2473.html https://access.redhat.com/security/updates/classification/#critical http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.10/NEWS https://rhn.redhat.com/errata/RHBA-2013-0959.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFRwkhZXlSAg2UNWIIRAq8SAJ9tsW9PY39Aa6lmSLhOhlUi8hrnugCePCKO NAdLLpJKlVulPXKONu/CudU= =+H1U -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 2.7

sources: NVD: CVE-2013-2461 // JVNDB: JVNDB-2013-003058 // BID: 60645 // VULMON: CVE-2013-2461 // PACKETSTORM: 122422 // PACKETSTORM: 122423 // PACKETSTORM: 122438 // PACKETSTORM: 124943 // PACKETSTORM: 122109 // PACKETSTORM: 122439 // PACKETSTORM: 122653 // PACKETSTORM: 122084

AFFECTED PRODUCTS

vendor:oraclemodel:jrockitscope:lteversion:r27.7.5

Trust: 1.8

vendor:oraclemodel:jrockitscope:lteversion:r28.2.7

Trust: 1.8

vendor:oraclemodel:jdkscope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jdkscope:eqversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:eqversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jrockitscope:gteversion:r27.7.1

Trust: 1.0

vendor:oraclemodel:openjdkscope:eqversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jrockitscope:gteversion:r28.0.0

Trust: 1.0

vendor:sunmodel:jre 17scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 13scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 12scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 10scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 07scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 05scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 04scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.7

Trust: 0.9

vendor:sunmodel:jre 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 18scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 14scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 11scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 01scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 17scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 14scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 13scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 11scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 10scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 07scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 05scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 04scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdkscope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 20scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 18scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 02scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 9scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 8scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 17scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 13scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 11scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 10scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 43scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 39scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 38scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 45scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 7scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 2scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 35scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 32scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 30scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 27scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 24scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 23scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 22scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 9scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 8scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 21scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 13scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 12scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 11scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 10scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 45scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 43scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 39scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 37scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdkscope:eqversion:1.7

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 7scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 2scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 38scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 35scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 32scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 30scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 27scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 24scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 23scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 22scope: - version: -

Trust: 0.9

vendor:applemodel:mac os xscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.7 and later

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:v10.8 and later

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.6.8

Trust: 0.8

vendor:applemodel:mac os x serverscope:eqversion:v10.7 and later

Trust: 0.8

vendor:oraclemodel:jdkscope:lteversion:6 update 45

Trust: 0.8

vendor:oraclemodel:jdkscope:lteversion:7 update 21

Trust: 0.8

vendor:oraclemodel:jrescope:lteversion:6 update 45

Trust: 0.8

vendor:oraclemodel:jrescope:lteversion:7 update 21

Trust: 0.8

vendor:oraclemodel:fusion middlewarescope:eqversion:of glassfish communications server 2.0

Trust: 0.8

vendor:oraclemodel:glassfish serverscope:eqversion:2.1.1

Trust: 0.8

vendor:oraclemodel:glassfish serverscope:eqversion:3.0.1

Trust: 0.8

vendor:oraclemodel:glassfish serverscope:eqversion:3.1.2

Trust: 0.8

vendor:sun microsystemsmodel:jdkscope:lteversion:6 update 21

Trust: 0.8

vendor:sun microsystemsmodel:jrescope:lteversion:6 update 21

Trust: 0.8

vendor:hitachimodel:cosminexus application server enterprisescope:eqversion:version 6

Trust: 0.8

vendor:hitachimodel:cosminexus application server standardscope:eqversion:version 6

Trust: 0.8

vendor:hitachimodel:cosminexus application server version 5scope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus clientscope:eqversion:version 6

Trust: 0.8

vendor:hitachimodel:cosminexus developer light version 6scope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus developer professional version 6scope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus developer standard version 6scope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus developer version 5scope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus developer's kit for javascope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus primary serverscope:eqversion:base

Trust: 0.8

vendor:hitachimodel:cosminexus server - standard edition version 4scope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus server - web edition version 4scope: - version: -

Trust: 0.8

vendor:hitachimodel:cosminexus studioscope:eqversion:- standard edition version 4

Trust: 0.8

vendor:hitachimodel:cosminexus studioscope:eqversion:- web edition version 4

Trust: 0.8

vendor:hitachimodel:cosminexus studioscope:eqversion:version 5

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:-r

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:express

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:light

Trust: 0.8

vendor:hitachimodel:ucosminexus application serverscope:eqversion:standard-r

Trust: 0.8

vendor:hitachimodel:ucosminexus application server enterprisescope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus application server smart editionscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus application server standardscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus clientscope:eqversion:none

Trust: 0.8

vendor:hitachimodel:ucosminexus clientscope:eqversion:for plug-in

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:01

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:professional

Trust: 0.8

vendor:hitachimodel:ucosminexus developerscope:eqversion:professional for plug-in

Trust: 0.8

vendor:hitachimodel:ucosminexus developer lightscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus developer standardscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus operatorscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus primary serverscope:eqversion:base

Trust: 0.8

vendor:hitachimodel:ucosminexus serverscope:eqversion:standard-r

Trust: 0.8

vendor:hitachimodel:ucosminexus service architectscope: - version: -

Trust: 0.8

vendor:hitachimodel:ucosminexus service platformscope:eqversion:none

Trust: 0.8

vendor:hitachimodel:ucosminexus service platformscope:eqversion:- messaging

Trust: 0.8

vendor:sunmodel:jre 1.6.0 20scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.6.0 2scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.6.0 01scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 01-b06scope:eqversion:1.6

Trust: 0.6

vendor:oraclemodel:jre 1.7.0 12scope: - version: -

Trust: 0.6

vendor:oraclemodel:jre 1.7.0 21scope: - version: -

Trust: 0.6

vendor:oraclemodel:jdk 1.7.0 17scope: - version: -

Trust: 0.6

vendor:sunmodel:jrescope:eqversion:1.6.0

Trust: 0.6

vendor:xeroxmodel:freeflow print server 93.e0.21cscope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 91.d2.32scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 82.d1.44scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 81.d0.73scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.d2.33scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.c5.11scope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:10.04

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp3scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp2scope:eqversion:11

Trust: 0.3

vendor:sunmodel:jdk 1.6.0 01-b06scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 01scope:eqversion:1.6

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:eqversion:3.27.0

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux server eus 6.5.zscope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.5

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:oraclemodel:jrockit r28.2.7scope: - version: -

Trust: 0.3

vendor:oraclemodel:jrockit r28.2.6scope: - version: -

Trust: 0.3

vendor:oraclemodel:jrockit r28.2.4scope: - version: -

Trust: 0.3

vendor:oraclemodel:jrockit r28.2.2scope: - version: -

Trust: 0.3

vendor:oraclemodel:jrockit r27.7.5scope: - version: -

Trust: 0.3

vendor:oraclemodel:jrockit r27.7.4scope: - version: -

Trust: 0.3

vendor:oraclemodel:jrockit r27.7.3scope: - version: -

Trust: 0.3

vendor:oraclemodel:jrockit r27.7.1scope: - version: -

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1x8664

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1

Trust: 0.3

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.3

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.3

vendor:junipermodel:nsmexpressscope:eqversion: -

Trust: 0.3

vendor:junipermodel:nsm3000scope:eqversion: -

Trust: 0.3

vendor:junipermodel:network and security manager software r8scope:eqversion:2012.2

Trust: 0.3

vendor:junipermodel:network and security manager software r7scope:eqversion:2012.2

Trust: 0.3

vendor:junipermodel:network and security manager software r6scope:eqversion:2012.2

Trust: 0.3

vendor:junipermodel:network and security manager software r5scope:eqversion:2012.2

Trust: 0.3

vendor:junipermodel:network and security manager software r4scope:eqversion:2012.2

Trust: 0.3

vendor:junipermodel:network and security manager software r3scope:eqversion:2012.2

Trust: 0.3

vendor:junipermodel:network and security manager software r2scope:eqversion:2012.2

Trust: 0.3

vendor:junipermodel:network and security manager softwarescope:eqversion:2012.2-

Trust: 0.3

vendor:ibmmodel:virtualization engine ts7700scope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli provisioning managerscope:eqversion:7.1.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.3.0.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.3.0

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0.2

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0.2

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:7.2.1

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:7.1.1

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.8

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.7

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.6

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.5

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.4

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.3

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.2

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.1

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:7.5

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:7.2

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.3

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2.3

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.5

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.4

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.3

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.0.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.6

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.5

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.4

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.3

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.4

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.3

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.2

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.1.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.0.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.4

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.3

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.2

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:7

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:6

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:java sdkscope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:java sdk sr4-fp2scope:eqversion:7

Trust: 0.3

vendor:ibmmodel:java sdkscope:eqversion:7

Trust: 0.3

vendor:ibmmodel:java sdk sr5-fp2scope:eqversion:6.0.1

Trust: 0.3

vendor:ibmmodel:java sdk sr13-fp2scope:eqversion:6

Trust: 0.3

vendor:ibmmodel:java sdkscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:java sdk sr16-fp2scope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:java sdkscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:java sdk sr13-fp17scope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:i v5r4scope: - version: -

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:6.1

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:8

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:8

Trust: 0.3

vendor:hitachimodel:ucosminexus operatorscope:eqversion:8

Trust: 0.3

vendor:hitachimodel:ucosminexus developerscope:eqversion:09-00

Trust: 0.3

vendor:hitachimodel:ucosminexus clientscope:eqversion:8

Trust: 0.3

vendor:hitachimodel:ucosminexus application serverscope:eqversion:09-00

Trust: 0.3

vendor:hitachimodel:cosminexus studioscope:eqversion:5

Trust: 0.3

vendor:hitachimodel:cosminexus studioscope:eqversion:4.0

Trust: 0.3

vendor:hitachimodel:cosminexus server web editionscope:eqversion:-4

Trust: 0.3

vendor:hitachimodel:cosminexus server standard editionscope:eqversion:-4

Trust: 0.3

vendor:hitachimodel:cosminexus developerscope:eqversion:6.0

Trust: 0.3

vendor:hitachimodel:cosminexus developerscope:eqversion:5

Trust: 0.3

vendor:hitachimodel:cosminexus clientscope:eqversion:6

Trust: 0.3

vendor:hitachimodel:cosminexus application serverscope:eqversion:6.0

Trust: 0.3

vendor:hitachimodel:cosminexus application serverscope:eqversion:5.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:9.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:8.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:7.0

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:6

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:5

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.3

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.2

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.1

Trust: 0.3

vendor:avayamodel:voice portal sp3scope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:messaging application serverscope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:6.2.0

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:irscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.1

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.3

vendor:avayamodel:conferencing standard editionscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:conferencing standard edition sp1scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:conferencing standard editionscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:cms r17scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r16.3scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r16scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r15scope: - version: -

Trust: 0.3

vendor:avayamodel:call management system r17.0scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2.1.0.9

Trust: 0.3

vendor:avayamodel:aura system platform sp1scope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.9.3

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.8.3

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.0.3

Trust: 0.3

vendor:avayamodel:aura system platform sp3scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system platform sp2scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura system manager sp3scope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.5

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura system manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.5

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.2

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura presence services sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.2

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura experience portal sp2scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura experience portal sp1scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura conferencingscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura conferencing standardscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura conferencing sp1 standardscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2.5.0.15

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2.4.0.15

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53003.0

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.4

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.3

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.2

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:neversion:3.29.0

Trust: 0.3

vendor:junipermodel:network and security manager software 2012.2r9scope:neversion: -

Trust: 0.3

vendor:ibmmodel:virtualization engine ts7700scope:neversion:8.31.0.89

Trust: 0.3

vendor:ibmmodel:java sdk sr5scope:neversion:7

Trust: 0.3

vendor:ibmmodel:java sdk sr6scope:neversion:6.0.1

Trust: 0.3

vendor:ibmmodel:java sdk sr14scope:neversion:6

Trust: 0.3

vendor:ibmmodel:java sdk sr16-fp3scope:neversion:5.0

Trust: 0.3

vendor:ibmmodel:java sdk sr13-fp18scope:neversion:1.4.2

Trust: 0.3

sources: BID: 60645 // JVNDB: JVNDB-2013-003058 // CNNVD: CNNVD-201306-317 // NVD: CVE-2013-2461

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-2461
value: HIGH

Trust: 1.0

NVD: CVE-2013-2461
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201306-317
value: HIGH

Trust: 0.6

VULMON: CVE-2013-2461
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-2461
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

sources: VULMON: CVE-2013-2461 // JVNDB: JVNDB-2013-003058 // CNNVD: CNNVD-201306-317 // NVD: CVE-2013-2461

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-2461

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 122653 // CNNVD: CNNVD-201306-317

TYPE

Unknown

Trust: 0.3

sources: BID: 60645

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2013-003058

PATCH
title:APPLE-SA-2013-06-18-1url:http://lists.apple.com/archives/security-announce/2013/Jun/msg00002.html
Trust: 0.8
title:HT5797url:http://support.apple.com/kb/HT5797
Trust: 0.8
title:HT5797url:http://support.apple.com/kb/HT5797?viewlocale=ja_JP
Trust: 0.8
title:HS13-015url:http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-015/index.html
Trust: 0.8
title:HPSBUX02907 SSRT101241url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03868911
Trust: 0.8
title:HPSBUX02908 SSRT101286url:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03874547
Trust: 0.8
title:jdk7u/jdk7u-dev/jdk / changeseturl:http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/abe9ea5a50d2
Trust: 0.8
title:Oracle Critical Patch Update Advisory - July 2013url:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
Trust: 0.8
title:Text Form of Oracle Critical Patch Update - July 2013 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpujuly2013verbose-1899830.html
Trust: 0.8
title:Oracle Critical Patch Update Advisory - October 2013url:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
Trust: 0.8
title:Oracle Critical Patch Update Advisory - July 2014url:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Trust: 0.8
title:Text Form of Oracle Critical Patch Update - October 2013 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpuoct2013verbose-1899842.html
Trust: 0.8
title:Text Form of Oracle Critical Patch Update - July 2014 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/cpujul2014verbose-1972958.html
Trust: 0.8
title:Oracle Java SE Critical Patch Update Advisory - June 2013url:http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
Trust: 0.8
title:Text Form of Oracle Java SE Critical Patch Update - June 2013 Risk Matricesurl:http://www.oracle.com/technetwork/topics/security/javacpujun2013verbose-1899853.html
Trust: 0.8
title:Bug 975126url:https://bugzilla.redhat.com/show_bug.cgi?id=975126
Trust: 0.8
title:RHSA-2013:0957url:https://rhn.redhat.com/errata/RHSA-2013-0957.html
Trust: 0.8
title:RHSA-2013:0958url:https://rhn.redhat.com/errata/RHSA-2013-0958.html
Trust: 0.8
title:RHSA-2013:1014url:https://rhn.redhat.com/errata/RHSA-2013-1014.html
Trust: 0.8
title:RHSA-2013:0963url:http://rhn.redhat.com/errata/RHSA-2013-0963.html
Trust: 0.8
title:July 2013 Critical Patch Update Released url:https://blogs.oracle.com/security/entry/july_2013_critical_patch_update
Trust: 0.8
title:October 2013 Critical Patch Update Releasedurl:https://blogs.oracle.com/security/entry/october_2013_critical_patch_update
Trust: 0.8
title:June 2013 Critical Patch Update for Java SE Releasedurl:https://blogs.oracle.com/security/entry/june_2013_critical_patch_update
Trust: 0.8
title:HS13-015url:http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-015/index.html
Trust: 0.8
title:Oracle Corporation Javaプラグインの脆弱性に関するお知らせurl:http://azby.fmworld.net/support/security/information/oj20130620.html
Trust: 0.8
title:TA13-169Aurl:http://software.fujitsu.com/jp/security/vulnerabilities/ta13-169a.html
Trust: 0.8
title:jre-7u25-linux-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46256
Trust: 0.6
title:jre-7u25-macosx-x64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46260
Trust: 0.6
title:jre-7u25-solaris-sparcv9url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46264
Trust: 0.6
title:jre-7u25-windows-x64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46268
Trust: 0.6
title:jre-7u25-linux-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46255
Trust: 0.6
title:jre-7u25-macosx-x64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46259
Trust: 0.6
title:jre-7u25-solaris-sparcurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46263
Trust: 0.6
title:jre-7u25-windows-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46267
Trust: 0.6
title:jre-7u25-linux-x64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46258
Trust: 0.6
title:jre-7u25-solaris-x64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46262
Trust: 0.6
title:jre-7u25-windows-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46266
Trust: 0.6
title:jre-7u25-windows-i586-iftwurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46265
Trust: 0.6
title:jre-7u25-windows-x64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46269
Trust: 0.6
title:jre-7u25-linux-x64url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46257
Trust: 0.6
title:jre-7u25-solaris-i586url:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=46261
Trust: 0.6
title:Ubuntu Security Notice: openjdk-7 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1907-1
Trust: 0.1
title:Ubuntu Security Notice: icedtea-web updateurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1907-2
Trust: 0.1
title:Ubuntu Security Notice: openjdk-6 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1908-1
Trust: 0.1
title:Debian Security Advisories: DSA-2727-1 openjdk-6 -- several vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=e7d6ea8eb77ee8911e5bbc08ff43f55c
Trust: 0.1
title:Debian Security Advisories: DSA-2722-1 openjdk-7 -- several vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=29128f887c1069c9cc8e265bacca4512
Trust: 0.1
title:Amazon Linux AMI: ALAS-2013-207url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2013-207
Trust: 0.1
title:Amazon Linux AMI: ALAS-2013-204url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2013-204
Trust: 0.1
sources:
            
            
            VULMON: CVE-2013-2461 // 
            
            
            
            JVNDB: JVNDB-2013-003058 // 
            
            
            
            CNNVD: CNNVD-201306-317

EXTERNAL IDS
db:NVDid:CVE-2013-2461
Trust: 3.6
db:USCERTid:TA13-169A
Trust: 2.5
db:BIDid:60645
Trust: 2.0
db:SECUNIAid:54154
Trust: 1.7
db:JVNDBid:JVNDB-2013-003058
Trust: 0.8
db:CNNVDid:CNNVD-201306-317
Trust: 0.6
db:HITACHIid:HS13-015
Trust: 0.3
db:ICS CERTid:ICSA-17-213-02
Trust: 0.3
db:JUNIPERid:JSA10642
Trust: 0.3
db:VULMONid:CVE-2013-2461
Trust: 0.1
db:PACKETSTORMid:122422
Trust: 0.1
db:PACKETSTORMid:122423
Trust: 0.1
db:PACKETSTORMid:122438
Trust: 0.1
db:PACKETSTORMid:124943
Trust: 0.1
db:PACKETSTORMid:122109
Trust: 0.1
db:PACKETSTORMid:122439
Trust: 0.1
db:PACKETSTORMid:122653
Trust: 0.1
db:PACKETSTORMid:122084
Trust: 0.1
sources:
            
            
            VULMON: CVE-2013-2461 // 
            
            
            
            BID: 60645 // 
            
            
            
            JVNDB: JVNDB-2013-003058 // 
            
            
            
            PACKETSTORM: 122422 // 
            
            
            
            PACKETSTORM: 122423 // 
            
            
            
            PACKETSTORM: 122438 // 
            
            
            
            PACKETSTORM: 124943 // 
            
            
            
            PACKETSTORM: 122109 // 
            
            
            
            PACKETSTORM: 122439 // 
            
            
            
            PACKETSTORM: 122653 // 
            
            
            
            PACKETSTORM: 122084 // 
            
            
            
            CNNVD: CNNVD-201306-317 // 
            
            
            
            NVD: CVE-2013-2461

REFERENCES
url:http://www.us-cert.gov/ncas/alerts/ta13-169a
Trust: 2.5
url:http://advisories.mageia.org/mgasa-2013-0185.html
Trust: 2.5
url:http://www.vmware.com/security/advisories/vmsa-2014-0012.html
Trust: 2.3
url:http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
Trust: 2.1
url:http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html
Trust: 2.0
url:http://rhn.redhat.com/errata/rhsa-2013-0963.html
Trust: 1.8
url:http://www.securityfocus.com/bid/60645
Trust: 1.8
url:https://bugzilla.redhat.com/show_bug.cgi?id=975126
Trust: 1.7
url:http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/abe9ea5a50d2
Trust: 1.7
url:http://secunia.com/advisories/54154
Trust: 1.7
url:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
Trust: 1.7
url:http://marc.info/?l=bugtraq&m=137545592101387&w=2
Trust: 1.7
url:http://marc.info/?l=bugtraq&m=137545505800971&w=2
Trust: 1.7
url:http://www.mandriva.com/security/advisories?name=mdvsa-2013:183
Trust: 1.7
url:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Trust: 1.7
url:http://security.gentoo.org/glsa/glsa-201406-32.xml
Trust: 1.7
url:http://seclists.org/fulldisclosure/2014/dec/23
Trust: 1.7
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19582
Trust: 1.7
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19565
Trust: 1.7
url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a16887
Trust: 1.7
url:https://access.redhat.com/errata/rhsa-2014:0414
Trust: 1.7
url:http://www.securityfocus.com/archive/1/534161/100/0/threaded
Trust: 1.7
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2461
Trust: 0.9
url:http://www.ipa.go.jp/security/ciadr/vul/20130619-jre.html
Trust: 0.8
url:https://www.jpcert.or.jp/at/2013/at130030.html
Trust: 0.8
url:http://jvn.jp/cert/jvnta13-169a/
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-2461
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2013-2456
Trust: 0.7
url:https://nvd.nist.gov/vuln/detail/cve-2013-2407
Trust: 0.7
url:https://nvd.nist.gov/vuln/detail/cve-2013-2447
Trust: 0.7
url:https://nvd.nist.gov/vuln/detail/cve-2013-2452
Trust: 0.7
url:https://nvd.nist.gov/vuln/detail/cve-2013-1571
Trust: 0.7
url:https://nvd.nist.gov/vuln/detail/cve-2013-2461
Trust: 0.7
url:https://nvd.nist.gov/vuln/detail/cve-2013-2463
Trust: 0.7
url:https://nvd.nist.gov/vuln/detail/cve-2013-2469
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-2445
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-1500
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-2458
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-2412
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-2449
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-2448
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-2465
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-2446
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-2444
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-2450
Trust: 0.6
url:https://nvd.nist.gov/vuln/detail/cve-2013-2453
Trust: 0.5
url:https://nvd.nist.gov/vuln/detail/cve-2013-2470
Trust: 0.5
url:https://nvd.nist.gov/vuln/detail/cve-2013-2455
Trust: 0.5
url:https://nvd.nist.gov/vuln/detail/cve-2013-2457
Trust: 0.5
url:https://nvd.nist.gov/vuln/detail/cve-2013-2443
Trust: 0.5
url:https://nvd.nist.gov/vuln/detail/cve-2013-2459
Trust: 0.5
url:https://nvd.nist.gov/vuln/detail/cve-2013-2454
Trust: 0.5
url:https://nvd.nist.gov/vuln/detail/cve-2013-2471
Trust: 0.5
url:https://nvd.nist.gov/vuln/detail/cve-2013-2472
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2013-2460
Trust: 0.4
url:https://nvd.nist.gov/vuln/detail/cve-2013-2451
Trust: 0.4
url:http://kb.juniper.net/infocenter/index?page=content&id=jsa10642&cat=sirt_1&actp=list
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=isg400001621
Trust: 0.3
url:http://www.oracle.com/index.html
Trust: 0.3
url:https://ics-cert.us-cert.gov/advisories/icsa-17-213-02
Trust: 0.3
url:http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jtfhr2..t.cyta.7%2a%2ak.bw89mq%5f%5fdehufqb0
Trust: 0.3
url:http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jtfhr2..t.cytc.7%2a%2ak.bw89mq%5f%5fdeoifqd0
Trust: 0.3
url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs13-015/index.html
Trust: 0.3
url:http://www.ibm.com/developerworks/java/jdk/alerts/
Trust: 0.3
url:https://downloads.avaya.com/css/p8/documents/100173341
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=nas8n1019760
Trust: 0.3
url:https://downloads.avaya.com/css/p8/documents/100175056
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=swg21644918
Trust: 0.3
url:https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004514
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=swg21645500
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=swg21648074
Trust: 0.3
url:http://www-01.ibm.com/support/docview.wss?uid=swg24036927
Trust: 0.3
url:http://www.ubuntu.com/usn/usn-1908-1/
Trust: 0.3
url:http://www.xerox.com/download/security/security-bulletin/12047-4e4eed8d42ca6/cert_xrx13-007_v1.0.pdf
Trust: 0.3
url:https://nvd.nist.gov/vuln/detail/cve-2013-2473
Trust: 0.2
url:http://www.ubuntu.com/usn/usn-1907-1
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2412.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2463.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2446.html
Trust: 0.2
url:https://access.redhat.com/security/updates/classification/#critical
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-1500.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2455.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2459.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2456.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2461.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2444.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2445.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2454.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2407.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2447.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2452.html
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2013-2442
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2470.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2460.html
Trust: 0.2
url:https://access.redhat.com/security/team/contact/
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-1571.html
Trust: 0.2
url:https://www.redhat.com/mailman/listinfo/rhsa-announce
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2448.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2449.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2465.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2472.html
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2013-2437
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2471.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2453.html
Trust: 0.2
url:https://access.redhat.com/knowledge/articles/11258
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2473.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2469.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2443.html
Trust: 0.2
url:https://access.redhat.com/security/team/key/#package
Trust: 0.2
url:http://bugzilla.redhat.com/):
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2458.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2450.html
Trust: 0.2
url:https://www.redhat.com/security/data/cve/cve-2013-2457.html
Trust: 0.2
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://usn.ubuntu.com/1907-1/
Trust: 0.1
url:http://tools.cisco.com/security/center/viewalert.x?alertid=29704
Trust: 0.1
url:https://rhn.redhat.com/errata/rhsa-2013-1014.html
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2443
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2452
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2451
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2412
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2447
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1571
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2449
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2465
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2472
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2456
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2458
Trust: 0.1
url:http://www.mandriva.com/en/support/security/
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2445
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2455
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2446
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2407
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2460
Trust: 0.1
url:http://www.mandriva.com/en/support/security/advisories/
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-1500
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2470
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2459
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2457
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2444
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2463
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2453
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2448
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2454
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2450
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2469
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2473
Trust: 0.1
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-2471
Trust: 0.1
url:http://www.debian.org/security/faq
Trust: 0.1
url:http://www.debian.org/security/
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/openjdk-7/7u25-2.3.10-1ubuntu0.13.04.2
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/openjdk-7/7u25-2.3.10-1ubuntu0.12.10.2
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0507
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5870
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0503
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0419
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2469
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2443
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1717
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1716
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0505
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1518
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2419
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1558
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3829
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5818
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1541
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5829
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5804
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1485
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5889
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0449
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2440
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5806
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5087
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2422
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1540
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0385
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2427
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2437
Trust: 0.1
url:http://creativecommons.org/licenses/by-sa/2.5
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0445
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0500
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5075
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2468
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3743
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0422
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0501
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2426
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5893
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3159
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3174
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5084
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5888
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1711
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0437
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1541
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2461
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0373
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0351
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1563
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5789
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5820
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0504
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1682
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2470
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0547
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5899
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2451
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5801
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5823
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2459
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5832
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5848
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0428
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2460
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1713
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0415
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5784
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1719
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1533
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2400
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1564
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3143
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5830
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0448
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5800
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0438
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5810
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5905
Trust: 0.1
url:http://security.gentoo.org/glsa/glsa-201401-30.xml
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5904
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2456
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5803
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5831
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5086
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2452
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2383
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2447
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5778
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0422
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2445
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2450
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5780
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5073
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1493
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2446
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-3744
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5854
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2394
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5069
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-5035
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0498
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1500
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5852
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5777
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0547
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5850
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0499
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2384
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0499
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1557
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0409
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1532
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2428
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2453
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0401
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5085
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2407
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2421
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4681
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2462
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0423
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2429
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5083
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0375
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2439
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5068
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2416
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3136
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0376
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5824
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3342
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5776
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5071
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1531
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0417
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0504
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1723
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0497
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5819
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0507
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1722
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5774
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5782
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5895
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2466
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1725
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5790
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5805
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0403
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5802
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0446
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1719
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5849
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-5035
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2448
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2418
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2458
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5788
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0416
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5825
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0506
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1484
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0424
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2430
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1473
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2415
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5887
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0418
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3216
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1718
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5772
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0410
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0368
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1717
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2425
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5074
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0500
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2454
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2444
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5072
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2436
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1722
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-4416
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1537
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5902
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2432
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0387
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0502
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1716
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1533
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2449
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0503
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2457
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2438
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1721
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0382
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0169
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5812
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2011-3563
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0809
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5077
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-3213
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5846
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1718
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0497
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1723
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1726
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1571
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5775
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5787
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5081
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5898
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5840
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1531
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5851
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2465
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1481
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2431
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2011-3563
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2433
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2473
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5844
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5906
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5783
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1711
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2463
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1532
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1561
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2412
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2435
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1491
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5809
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5910
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2420
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1487
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1713
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5907
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0501
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2417
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2471
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5896
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5843
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5067
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1682
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0498
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2414
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2424
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5076
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2467
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5842
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5079
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0411
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-1721
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1569
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-1724
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5797
Trust: 0.1
url:http://security.gentoo.org/
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5070
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1479
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1486
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2434
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2442
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-1488
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2464
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2472
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-0502
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5878
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0505
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5817
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5814
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2014-0408
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0402
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2012-0506
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-5838
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-0430
Trust: 0.1
url:https://bugs.gentoo.org.
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2013-2455
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5088
Trust: 0.1
url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2012-5089
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-3744.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2468.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2442.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-2400
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2464.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2466.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2400.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2462.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2437.html
Trust: 0.1
url:https://www.redhat.com/security/data/cve/cve-2013-2451.html
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-2462
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/icedtea-web/1.3.2-1ubuntu0.12.10.2
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/icedtea-web/1.2.3-0ubuntu0.12.04.3
Trust: 0.1
url:https://launchpad.net/ubuntu/+source/icedtea-web/1.3.2-1ubuntu1.1
Trust: 0.1
url:https://launchpad.net/bugs/1201908
Trust: 0.1
url:http://www.ubuntu.com/usn/usn-1907-2
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-2464
Trust: 0.1
url:http://www.hp.com/java
Trust: 0.1
url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-2468
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-2466
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2013-2433
Trust: 0.1
url:https://www.hp.com/go/swa
Trust: 0.1
url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/
Trust: 0.1
url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/
Trust: 0.1
url:http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.10/news
Trust: 0.1
url:https://rhn.redhat.com/errata/rhba-2013-0959.html
Trust: 0.1
url:https://rhn.redhat.com/errata/rhsa-2013-0957.html
Trust: 0.1
sources:
            
            
            VULMON: CVE-2013-2461 // 
            
            
            
            BID: 60645 // 
            
            
            
            JVNDB: JVNDB-2013-003058 // 
            
            
            
            PACKETSTORM: 122422 // 
            
            
            
            PACKETSTORM: 122423 // 
            
            
            
            PACKETSTORM: 122438 // 
            
            
            
            PACKETSTORM: 124943 // 
            
            
            
            PACKETSTORM: 122109 // 
            
            
            
            PACKETSTORM: 122439 // 
            
            
            
            PACKETSTORM: 122653 // 
            
            
            
            PACKETSTORM: 122084 // 
            
            
            
            CNNVD: CNNVD-201306-317 // 
            
            
            
            NVD: CVE-2013-2461

CREDITS
Oracle
Trust: 0.3
sources:
            
            
            BID: 60645

SOURCES
db:VULMONid:CVE-2013-2461
db:BIDid:60645
db:JVNDBid:JVNDB-2013-003058
db:PACKETSTORMid:122422
db:PACKETSTORMid:122423
db:PACKETSTORMid:122438
db:PACKETSTORMid:124943
db:PACKETSTORMid:122109
db:PACKETSTORMid:122439
db:PACKETSTORMid:122653
db:PACKETSTORMid:122084
db:CNNVDid:CNNVD-201306-317
db:NVDid:CVE-2013-2461

LAST UPDATE DATE
2024-11-21T22:48:48.339000+00:00

SOURCES UPDATE DATE
db:VULMONid:CVE-2013-2461date:2019-07-18T00:00:00
db:BIDid:60645date:2017-08-22T14:11:00
db:JVNDBid:JVNDB-2013-003058date:2015-03-18T00:00:00
db:CNNVDid:CNNVD-201306-317date:2022-05-16T00:00:00
db:NVDid:CVE-2013-2461date:2022-05-13T14:35:27.090

SOURCES RELEASE DATE
db:VULMONid:CVE-2013-2461date:2013-06-18T00:00:00
db:BIDid:60645date:2013-06-18T00:00:00
db:JVNDBid:JVNDB-2013-003058date:2013-06-19T00:00:00
db:PACKETSTORMid:122422date:2013-07-16T03:45:16
db:PACKETSTORMid:122423date:2013-07-16T03:46:50
db:PACKETSTORMid:122438date:2013-07-17T00:03:49
db:PACKETSTORMid:124943date:2014-01-27T18:30:13
db:PACKETSTORMid:122109date:2013-06-21T01:38:12
db:PACKETSTORMid:122439date:2013-07-17T00:04:34
db:PACKETSTORMid:122653date:2013-08-02T15:12:49
db:PACKETSTORMid:122084date:2013-06-20T00:47:46
db:CNNVDid:CNNVD-201306-317date:2013-06-19T00:00:00
db:NVDid:CVE-2013-2461date:2013-06-18T22:55:02.727