ID

VAR-201306-0247


CVE

CVE-2013-2448


TITLE

Oracle Java Sequencer Security Manager Bypass Remote Code Execution Vulnerability

Trust: 0.7

sources: ZDI: ZDI-13-160

DESCRIPTION

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes.". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the javax.sound.midi.Sequence class. The issue lies in the ability to create an event listener that is run in a privileged context. An attacker can leverage this to execute code under the context of the current process. The vulnerability can be exploited over multiple protocols. This issue affects the 'Sound' sub-component. This vulnerability affects the following supported versions: 7 Update 21 , 6 Update 45 , 5.0 Update 45. For the oldstable distribution (squeeze), these problems have been fixed in version 6b27-1.12.6-1~deb6u1. For the stable distribution (wheezy), these problems have been fixed in version 6b27-1.12.6-1~deb7u1. For the unstable distribution (sid), these problems have been fixed in version 6b27-1.12.6-1. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03898880 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03898880 Version: 1 HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities NOTICE: The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2013-08-19 Last Updated: 2013-08-16 Potential Security Impact: Remote unauthorized access, disclosure of information, and other vulnerabilities Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY Potential security vulnerabilities have been identified in Java5 Runtime Environment (JRE) and Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities. HP-UX B.11.11, B.11.23, and B.11.31 running HP JDK and JRE v5.0.28 and earlier BACKGROUND CVSS 2.0 Base Metrics =========================================================== Reference Base Vector Base Score CVE-2013-0401 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1491 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1500 (AV:L/AC:L/Au:N/C:P/I:P/A:N) 3.6 CVE-2013-1518 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1537 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1557 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1569 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-1571 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-2383 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2384 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2394 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2417 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2419 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2420 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2424 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2429 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2430 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2432 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2433 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 4.3 CVE-2013-2439 (AV:L/AC:M/Au:N/C:C/I:C/A:C) 6.9 CVE-2013-2444 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2445 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 7.8 CVE-2013-2446 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2447 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2448 (AV:N/AC:H/Au:N/C:C/I:C/A:C) 7.6 CVE-2013-2450 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 5.0 CVE-2013-2452 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2454 (AV:N/AC:M/Au:N/C:P/I:P/A:N) 5.8 CVE-2013-2455 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2456 (AV:N/AC:L/Au:N/C:P/I:N/A:N) 5.0 CVE-2013-2457 (AV:N/AC:L/Au:N/C:N/I:P/A:N) 5.0 CVE-2013-2459 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2463 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2464 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2465 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2469 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2470 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2471 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2472 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-2473 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10.0 CVE-2013-3743 (AV:N/AC:M/Au:N/C:C/I:C/A:C) 9.3 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002 RESOLUTION HP has provided the following Java version upgrade to resolve these vulnerabilities. The upgrade is available from the following location http://www.hp.com/go/java HP-UX Version HPJava Version B.11.11, B.11.23, B.11.31 JDK / JRE v5.0.29 or subsequent MANUAL ACTIONS: Yes - Update For Java v5.0 update to Java v5.0.29 or subsequent PRODUCT SPECIFIC INFORMATION HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see https://www.hp.com/go/swa The following text is for use by the HP-UX Software Assistant. AFFECTED VERSIONS HP-UX B.11.23 HP-UX B.11.31 =========== Jdk15.JDK15-COM Jdk15.JDK15-DEMO Jdk15.JDK15-IPF32 Jdk15.JDK15-IPF64 Jre15.JRE15-COM Jre15.JRE15-COM-DOC Jre15.JRE15-IPF32 Jre15.JRE15-IPF32-HS Jre15.JRE15-IPF64 Jre15.JRE15-IPF64-HS action: install revision 1.5.0.29.00 or subsequent HP-UX B.11.11 HP-UX B.11.23 =========== Jdk15.JDK15-COM Jdk15.JDK15-DEMO Jdk15.JDK15-PA20 Jdk15.JDK15-PA20W Jre15.JRE15-COM Jre15.JRE15-COM-DOC Jre15.JRE15-PA20 Jre15.JRE15-PA20-HS Jre15.JRE15-PA20W Jre15.JRE15-PA20W-HS action: install revision 1.5.0.29.00 or subsequent END AFFECTED VERSIONS HISTORY Version:1 (rev.1) - 19 August 2013 Initial release Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy. Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HP Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com. Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins Security Bulletin Archive: A list of recently released Security Bulletins is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/ Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB. 3C = 3COM 3P = 3rd Party Software GN = HP General Software HF = HP Hardware and Firmware MP = MPE/iX MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PI = Printing and Imaging PV = ProCurve ST = Storage Software TU = Tru64 UNIX UX = HP-UX Copyright 2013 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ===================================================================== Red Hat Security Advisory Synopsis: Critical: java-1.7.0-openjdk security update Advisory ID: RHSA-2013:0957-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-0957.html Issue date: 2013-06-19 CVE Names: CVE-2013-1500 CVE-2013-1571 CVE-2013-2407 CVE-2013-2412 CVE-2013-2443 CVE-2013-2444 CVE-2013-2445 CVE-2013-2446 CVE-2013-2447 CVE-2013-2448 CVE-2013-2449 CVE-2013-2450 CVE-2013-2452 CVE-2013-2453 CVE-2013-2454 CVE-2013-2455 CVE-2013-2456 CVE-2013-2457 CVE-2013-2458 CVE-2013-2459 CVE-2013-2460 CVE-2013-2461 CVE-2013-2463 CVE-2013-2465 CVE-2013-2469 CVE-2013-2470 CVE-2013-2471 CVE-2013-2472 CVE-2013-2473 ===================================================================== 1. Summary: Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, noarch, x86_64 3. Description: These packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Software Development Kit. Multiple flaws were discovered in the ImagingLib and the image attribute, channel, layout and raster processing in the 2D component. An untrusted Java application or applet could possibly use these flaws to trigger Java Virtual Machine memory corruption. (CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469) Integer overflow flaws were found in the way AWT processed certain input. (CVE-2013-2459) Multiple improper permission check issues were discovered in the Sound, JDBC, Libraries, JMX, and Serviceability components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. (CVE-2013-2448, CVE-2013-2454, CVE-2013-2458, CVE-2013-2457, CVE-2013-2453, CVE-2013-2460) Multiple flaws in the Serialization, Networking, Libraries and CORBA components can be exploited by an untrusted Java application or applet to gain access to potentially sensitive information. (CVE-2013-2456, CVE-2013-2447, CVE-2013-2455, CVE-2013-2452, CVE-2013-2443, CVE-2013-2446) It was discovered that the Hotspot component did not properly handle out-of-memory errors. An untrusted Java application or applet could possibly use these flaws to terminate the Java Virtual Machine. (CVE-2013-2445) It was discovered that the AWT component did not properly manage certain resources and that the ObjectStreamClass of the Serialization component did not properly handle circular references. An untrusted Java application or applet could possibly use these flaws to cause a denial of service. (CVE-2013-2444, CVE-2013-2450) It was discovered that the Libraries component contained certain errors related to XML security and the class loader. A remote attacker could possibly exploit these flaws to bypass intended security mechanisms or disclose potentially sensitive information and cause a denial of service. (CVE-2013-2407, CVE-2013-2461) It was discovered that JConsole did not properly inform the user when establishing an SSL connection failed. An attacker could exploit this flaw to gain access to potentially sensitive information. (CVE-2013-2412) It was discovered that GnomeFileTypeDetector did not check for read permissions when accessing files. An untrusted Java application or applet could possibly use this flaw to disclose potentially sensitive information. (CVE-2013-2449) It was found that documentation generated by Javadoc was vulnerable to a frame injection attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially-crafted URL, it would lead to arbitrary web content being displayed next to the documentation. This could be used to perform a phishing attack by providing frame content that spoofed a login form on the site hosting the vulnerable documentation. (CVE-2013-1571) It was discovered that the 2D component created shared memory segments with insecure permissions. A local attacker could use this flaw to read or write to the shared memory segment. (CVE-2013-1500) Red Hat would like to thank Tim Brown for reporting CVE-2013-1500, and US-CERT for reporting CVE-2013-1571. US-CERT acknowledges Oracle as the original reporter of CVE-2013-1571. Note: If the web browser plug-in provided by the icedtea-web package was installed, the issues exposed via Java applets could have been exploited without user interaction if a user visited a malicious website. After installing this update, users of icedtea-web must install RHBA-2013:0959 for icedtea-web to continue functioning. This erratum also upgrades the OpenJDK package to IcedTea7 2.3.10. Refer to the NEWS file, linked to in the References, for further information. 4. Solution: All users of java-1.7.0-openjdk are advised to upgrade to these updated packages, which resolve these issues. All running instances of OpenJDK Java must be restarted for the update to take effect. Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 973474 - CVE-2013-1571 OpenJDK: Frame injection in generated HTML (Javadoc, 8012375) 975099 - CVE-2013-2470 OpenJDK: ImagingLib byte lookup processing (2D, 8011243) 975102 - CVE-2013-2471 OpenJDK: Incorrect IntegerComponentRaster size checks (2D, 8011248) 975107 - CVE-2013-2472 OpenJDK: Incorrect ShortBandedRaster size checks (2D, 8011253) 975110 - CVE-2013-2473 OpenJDK: Incorrect ByteBandedRaster size checks (2D, 8011257) 975115 - CVE-2013-2463 OpenJDK: Incorrect image attribute verification (2D, 8012438) 975118 - CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597) 975120 - CVE-2013-2469 OpenJDK: Incorrect image layout verification (2D, 8012601) 975121 - CVE-2013-2459 OpenJDK: Various AWT integer overflow checks (AWT, 8009071) 975122 - CVE-2013-2460 OpenJDK: tracing insufficient access checks (Serviceability, 8010209) 975124 - CVE-2013-2445 OpenJDK: Better handling of memory allocation errors (Hotspot, 7158805) 975125 - CVE-2013-2448 OpenJDK: Better access restrictions (Sound, 8006328) 975126 - CVE-2013-2461 OpenJDK: Missing check for valid DOMCanonicalizationMethod canonicalization algorithm (Libraries, 8014281) 975127 - CVE-2013-2407 OpenJDK: Integrate Apache Santuario, rework class loader (Libraries, 6741606, 8008744) 975129 - CVE-2013-2454 OpenJDK: SerialJavaObject package restriction (JDBC, 8009554) 975130 - CVE-2013-2458 OpenJDK: Method handles (Libraries, 8009424) 975131 - CVE-2013-2444 OpenJDK: Resource denial of service (AWT, 8001038) 975132 - CVE-2013-2446 OpenJDK: output stream access restrictions (CORBA, 8000642) 975133 - CVE-2013-2457 OpenJDK: Proper class checking (JMX, 8008120) 975134 - CVE-2013-2453 OpenJDK: MBeanServer Introspector package access (JMX, 8008124) 975137 - CVE-2013-2443 OpenJDK: AccessControlContext check order issue (Libraries, 8001330) 975138 - CVE-2013-2452 OpenJDK: Unique VMIDs(Libraries, 8001033) 975139 - CVE-2013-2455 OpenJDK: getEnclosing* checks (Libraries, 8007812) 975140 - CVE-2013-2447 OpenJDK: Prevent revealing the local address (Networking, 8001318) 975141 - CVE-2013-2450 OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638) 975142 - CVE-2013-2456 OpenJDK: ObjectOutputStream access checks (Serialization, 8008132) 975144 - CVE-2013-2412 OpenJDK: JConsole SSL support (Serviceability, 8003703) 975145 - CVE-2013-2449 OpenJDK: GnomeFileTypeDetector path access check(Libraries, 8004288) 975148 - CVE-2013-1500 OpenJDK: Insecure shared memory permissions (2D, 8001034) 6. Package List: Red Hat Enterprise Linux Desktop (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Client/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6ComputeNode/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Server (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.i686.rpm x86_64: java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-devel-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v. 6): Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Workstation/en/os/SRPMS/java-1.7.0-openjdk-1.7.0.25-2.3.10.3.el6_4.src.rpm i386: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.i686.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.i686.rpm noarch: java-1.7.0-openjdk-javadoc-1.7.0.25-2.3.10.3.el6_4.noarch.rpm x86_64: java-1.7.0-openjdk-debuginfo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-demo-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm java-1.7.0-openjdk-src-1.7.0.25-2.3.10.3.el6_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package 7. References: https://www.redhat.com/security/data/cve/CVE-2013-1500.html https://www.redhat.com/security/data/cve/CVE-2013-1571.html https://www.redhat.com/security/data/cve/CVE-2013-2407.html https://www.redhat.com/security/data/cve/CVE-2013-2412.html https://www.redhat.com/security/data/cve/CVE-2013-2443.html https://www.redhat.com/security/data/cve/CVE-2013-2444.html https://www.redhat.com/security/data/cve/CVE-2013-2445.html https://www.redhat.com/security/data/cve/CVE-2013-2446.html https://www.redhat.com/security/data/cve/CVE-2013-2447.html https://www.redhat.com/security/data/cve/CVE-2013-2448.html https://www.redhat.com/security/data/cve/CVE-2013-2449.html https://www.redhat.com/security/data/cve/CVE-2013-2450.html https://www.redhat.com/security/data/cve/CVE-2013-2452.html https://www.redhat.com/security/data/cve/CVE-2013-2453.html https://www.redhat.com/security/data/cve/CVE-2013-2454.html https://www.redhat.com/security/data/cve/CVE-2013-2455.html https://www.redhat.com/security/data/cve/CVE-2013-2456.html https://www.redhat.com/security/data/cve/CVE-2013-2457.html https://www.redhat.com/security/data/cve/CVE-2013-2458.html https://www.redhat.com/security/data/cve/CVE-2013-2459.html https://www.redhat.com/security/data/cve/CVE-2013-2460.html https://www.redhat.com/security/data/cve/CVE-2013-2461.html https://www.redhat.com/security/data/cve/CVE-2013-2463.html https://www.redhat.com/security/data/cve/CVE-2013-2465.html https://www.redhat.com/security/data/cve/CVE-2013-2469.html https://www.redhat.com/security/data/cve/CVE-2013-2470.html https://www.redhat.com/security/data/cve/CVE-2013-2471.html https://www.redhat.com/security/data/cve/CVE-2013-2472.html https://www.redhat.com/security/data/cve/CVE-2013-2473.html https://access.redhat.com/security/updates/classification/#critical http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.10/NEWS https://rhn.redhat.com/errata/RHBA-2013-0959.html 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux) iD8DBQFRwkhZXlSAg2UNWIIRAq8SAJ9tsW9PY39Aa6lmSLhOhlUi8hrnugCePCKO NAdLLpJKlVulPXKONu/CudU= =+H1U -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ============================================================================ Ubuntu Security Notice USN-1908-1 July 23, 2013 openjdk-6 vulnerabilities ============================================================================ A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS - Ubuntu 10.04 LTS Summary: Several security issues were fixed in OpenJDK 6. (CVE-2013-1500, CVE-2013-2454, CVE-2013-2458) A vulnerability was discovered in the OpenJDK Javadoc related to data integrity. (CVE-2013-1571) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and availability. (CVE-2013-2412, CVE-2013-2443, CVE-2013-2446, CVE-2013-2447, CVE-2013-2449, CVE-2013-2452, CVE-2013-2456) Several vulnerabilities were discovered in the OpenJDK JRE related to availability. (CVE-2013-2448, CVE-2013-2451, CVE-2013-2459, CVE-2013-2461, CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743) Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2013-2453, CVE-2013-2455, CVE-2013-2457) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.12.04.2 icedtea-6-jre-jamvm 6b27-1.12.6-1ubuntu0.12.04.2 openjdk-6-doc 6b27-1.12.6-1ubuntu0.12.04.2 openjdk-6-jre 6b27-1.12.6-1ubuntu0.12.04.2 openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.12.04.2 openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.12.04.2 openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.12.04.2 Ubuntu 10.04 LTS: icedtea-6-jre-cacao 6b27-1.12.6-1ubuntu0.10.04.2 openjdk-6-doc 6b27-1.12.6-1ubuntu0.10.04.2 openjdk-6-jre 6b27-1.12.6-1ubuntu0.10.04.2 openjdk-6-jre-headless 6b27-1.12.6-1ubuntu0.10.04.2 openjdk-6-jre-lib 6b27-1.12.6-1ubuntu0.10.04.2 openjdk-6-jre-zero 6b27-1.12.6-1ubuntu0.10.04.2 This update uses a new upstream release, which includes additional bug fixes

Trust: 2.61

sources: NVD: CVE-2013-2448 // ZDI: ZDI-13-160 // BID: 60640 // VULMON: CVE-2013-2448 // PACKETSTORM: 122551 // PACKETSTORM: 122879 // PACKETSTORM: 122405 // PACKETSTORM: 126195 // PACKETSTORM: 122109 // PACKETSTORM: 122273 // PACKETSTORM: 122084 // PACKETSTORM: 122522

AFFECTED PRODUCTS

vendor:oraclemodel:jrescope:eqversion:1.5.0

Trust: 1.0

vendor:oraclemodel:jdkscope:eqversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jdkscope:lteversion:1.5.0

Trust: 1.0

vendor:oraclemodel:jdkscope:eqversion:1.5.0

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.5.0

Trust: 1.0

vendor:sunmodel:jdkscope:eqversion:1.5.0

Trust: 1.0

vendor:sunmodel:jrescope:eqversion:1.6.0

Trust: 1.0

vendor:sunmodel:jdkscope:eqversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:lteversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jdkscope:lteversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jrescope:eqversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jdkscope:eqversion:1.7.0

Trust: 1.0

vendor:oraclemodel:jrescope:eqversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:lteversion:1.6.0

Trust: 1.0

vendor:oraclemodel:jrescope:lteversion:1.5.0

Trust: 1.0

vendor:oraclemodel:jdkscope:lteversion:1.6.0

Trust: 1.0

vendor:sunmodel:jre 17scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 13scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 12scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 10scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 07scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 05scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 04scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jre 22scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 18scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 16scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 15scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 06scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 05scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 04scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 03scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 02scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jre 01scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jrescope:eqversion:1.7

Trust: 0.9

vendor:sunmodel:jre 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 18scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 14scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 11scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.6.0 01scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 35scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 33scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 32scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 31scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 30scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 29scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 28scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 27scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 26scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 25scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 23scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 20scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 17scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 14scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 13scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 12scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 11scope: - version: -

Trust: 0.9

vendor:sunmodel:jre 1.5.0 10scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 17scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 14scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 13scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 11scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 10scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 07scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 06scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 05scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 04scope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdkscope:eqversion:1.6

Trust: 0.9

vendor:sunmodel:jdk 0 10scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jdk 22scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jdk 18scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jdk 17scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jdk 15scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jdk 14scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jdk 02scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jdk 01scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jdk .0 05scope:eqversion:1.5

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 21scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 20scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 19scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 18scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 15scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 03scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.6.0 02scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 35scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 33scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 32scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 31scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 30scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 29scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 28scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 27scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 26scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 25scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 24scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 23scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 20scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 16scope: - version: -

Trust: 0.9

vendor:sunmodel:jdk 1.5.0 13scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 9scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 8scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 17scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 13scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 11scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 10scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 43scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 39scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 38scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.5.0 41scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.5.0 39scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 45scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 7scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.7.0 2scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 35scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 32scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 30scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 27scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 24scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 23scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.6.0 22scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.5.0 38scope: - version: -

Trust: 0.9

vendor:oraclemodel:jre 1.5.0 36scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 9scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 8scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 21scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 13scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 12scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 11scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 10scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 45scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 43scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 39scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.5.0 45scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.5.0 39scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 37scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdkscope:eqversion:1.7

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 7scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 4scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.7.0 2scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 38scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 35scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 32scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 30scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 28scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 27scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 26scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 25scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 24scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 23scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.6.0 22scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.5.0 38scope: - version: -

Trust: 0.9

vendor:oraclemodel:jdk 1.5.0 36scope: - version: -

Trust: 0.9

vendor:oraclemodel:java runtimescope: - version: -

Trust: 0.7

vendor:sunmodel:jre 1.6.0 20scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.6.0 2scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.5.0.0 09scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.5.0.0 08scope: - version: -

Trust: 0.6

vendor:sunmodel:jre 1.5.0.0 07scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk .0 04scope:eqversion:1.5

Trust: 0.6

vendor:sunmodel:jdk .0 03scope:eqversion:1.5

Trust: 0.6

vendor:sunmodel:jdk 1.6.0 01scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.5.0 12scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.5.0.0 12scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.5.0.0 11scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.5.0.0 09scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 1.5.0.0 08scope: - version: -

Trust: 0.6

vendor:sunmodel:jdk 01-b06scope:eqversion:1.6

Trust: 0.6

vendor:sunmodel:jdk 11-b03scope:eqversion:1.5

Trust: 0.6

vendor:sunmodel:jdk 07-b03scope:eqversion:1.5

Trust: 0.6

vendor:sunmodel:jdk 06scope:eqversion:1.5

Trust: 0.6

vendor:oraclemodel:jre 1.7.0 12scope: - version: -

Trust: 0.6

vendor:oraclemodel:jre 1.5.0 45scope: - version: -

Trust: 0.6

vendor:oraclemodel:jre 1.7.0 21scope: - version: -

Trust: 0.6

vendor:oraclemodel:jdk 1.7.0 17scope: - version: -

Trust: 0.6

vendor:oraclemodel:jdk 1.5.0 41scope: - version: -

Trust: 0.6

vendor:xeroxmodel:freeflow print server 93.e0.21cscope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 91.d2.32scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 82.d1.44scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 81.d0.73scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.d2.33scope: - version: -

Trust: 0.3

vendor:xeroxmodel:freeflow print server 73.c5.11scope: - version: -

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:12.04

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:10.04

Trust: 0.3

vendor:susemodel:linux enterprise software development kit sp3scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise server sp3 for vmwarescope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise server sp3scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise server sp4scope:eqversion:10

Trust: 0.3

vendor:susemodel:linux enterprise server sp3 ltssscope:eqversion:10

Trust: 0.3

vendor:susemodel:linux enterprise java sp3scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise java sp4scope:eqversion:10

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp3scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp2scope:eqversion:11

Trust: 0.3

vendor:susemodel:linux enterprise desktop sp4scope:eqversion:10

Trust: 0.3

vendor:sunmodel:jre 07scope:eqversion:1.5

Trust: 0.3

vendor:sunmodel:jre betascope:eqversion:1.5.0

Trust: 0.3

vendor:sunmodel:jre 1.5.0 09scope: - version: -

Trust: 0.3

vendor:sunmodel:jre 1.5.0 08scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 1.6.0 01-b06scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 1.5.0 11-b03scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 1.5.0 07-b03scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 1.5.0.0 06scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 0 09scope:eqversion:1.5

Trust: 0.3

vendor:sunmodel:jdk 0 03scope:eqversion:1.5

Trust: 0.3

vendor:sunmodel:jdk 1.5.0 11scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 01scope:eqversion:1.6

Trust: 0.3

vendor:sunmodel:jdk 07scope:eqversion:1.5

Trust: 0.3

vendor:sunmodel:jdkscope:eqversion:1.5

Trust: 0.3

vendor:sunmodel:jdk 1.5.0.0 04scope: - version: -

Trust: 0.3

vendor:sunmodel:jdk 1.5.0.0 03scope: - version: -

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:eqversion:3.27.0

Trust: 0.3

vendor:s u s emodel:suse core forscope:eqversion:9x86

Trust: 0.3

vendor:s u s emodel:opensusescope:eqversion:11.4

Trust: 0.3

vendor:s u s emodel:corescope:eqversion:9

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux workstation optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux workstationscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux supplementary serverscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux server supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux server optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux server eus 6.5.zscope: - version: -

Trust: 0.3

vendor:redhatmodel:enterprise linux server ausscope:eqversion:6.5

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc node optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux hpc nodescope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementaryscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop supplementary clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop optionalscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktopscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linux desktop clientscope:eqversion:5

Trust: 0.3

vendor:redhatmodel:enterprise linux serverscope:eqversion:5

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6.2

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:oraclemodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1x8664

Trust: 0.3

vendor:mandrivamodel:business serverscope:eqversion:1

Trust: 0.3

vendor:mandrakesoftmodel:enterprise server x86 64scope:eqversion:5

Trust: 0.3

vendor:mandrakesoftmodel:enterprise serverscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:websphere real time sr4-fp2scope:eqversion:3

Trust: 0.3

vendor:ibmmodel:websphere real timescope:eqversion:2.0

Trust: 0.3

vendor:ibmmodel:websphere operational decision managementscope:eqversion:7.5.0.0

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:websphere ilog jrulesscope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:virtualization engine ts7700scope:eqversion:0

Trust: 0.3

vendor:ibmmodel:tivoli system automation for integrated operations managementscope:eqversion:2.1.1

Trust: 0.3

vendor:ibmmodel:tivoli system automation for integrated operations managementscope:eqversion:2.1

Trust: 0.3

vendor:ibmmodel:tivoli provisioning managerscope:eqversion:7.1.1

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.3

Trust: 0.3

vendor:ibmmodel:tivoli monitoring fix packscope:eqversion:6.2.33

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2.32

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2.3

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2.29

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2.2

Trust: 0.3

vendor:ibmmodel:tivoli monitoring fix packscope:eqversion:6.2.104

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2.1

Trust: 0.3

vendor:ibmmodel:tivoli monitoring fix packscope:eqversion:6.203

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.3.0.1

Trust: 0.3

vendor:ibmmodel:tivoli monitoringscope:eqversion:6.2.3.1

Trust: 0.3

vendor:ibmmodel:tivoli monitoring fp6scope:eqversion:6.2.2

Trust: 0.3

vendor:ibmmodel:tivoli monitoring fixpackscope:eqversion:6.2.24

Trust: 0.3

vendor:ibmmodel:tivoli endpoint manager for remote controlscope:eqversion:8.2.1

Trust: 0.3

vendor:ibmmodel:tivoli endpoint manager for remote controlscope:eqversion:8.2

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.3.0.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.3.0

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0.2

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.2.0

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0.2

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0.1

Trust: 0.3

vendor:ibmmodel:tivoli composite application manager for transactionsscope:eqversion:7.1.0

Trust: 0.3

vendor:ibmmodel:tivoli application dependency discovery managerscope:eqversion:7.2.2

Trust: 0.3

vendor:ibmmodel:tivoli application dependency discovery managerscope:eqversion:7.2.13

Trust: 0.3

vendor:ibmmodel:tivoli application dependency discovery managerscope:eqversion:7.2.12

Trust: 0.3

vendor:ibmmodel:tivoli application dependency discovery managerscope:eqversion:7.2.11

Trust: 0.3

vendor:ibmmodel:tivoli application dependency discovery managerscope:eqversion:7.2.1

Trust: 0.3

vendor:ibmmodel:tivoli application dependency discovery managerscope:eqversion:7.2

Trust: 0.3

vendor:ibmmodel:tivoli application dependency discovery managerscope:eqversion:7.2.1.5

Trust: 0.3

vendor:ibmmodel:tivoli application dependency discovery managerscope:eqversion:7.2.1.4

Trust: 0.3

vendor:ibmmodel:smart analytics systemscope:eqversion:56009.7

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.4

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.2

Trust: 0.3

vendor:ibmmodel:service delivery managerscope:eqversion:7.2.1

Trust: 0.3

vendor:ibmmodel:os/400 v6r1m0scope: - version: -

Trust: 0.3

vendor:ibmmodel:os/400 v5r4m0scope: - version: -

Trust: 0.3

vendor:ibmmodel:operational decision managerscope:eqversion:8.5

Trust: 0.3

vendor:ibmmodel:operational decision managerscope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:7.2.1

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:7.1.1

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.8

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.7

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.6

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.5

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.4

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.3

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.2

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2.1

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:7.5

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:7.2

Trust: 0.3

vendor:ibmmodel:maximo asset managementscope:eqversion:6.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.3

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2.3

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.2.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.5

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.4

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.3

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.1.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5.0.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.5

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.6

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.5

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.4

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.3

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.2

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0.2.1

Trust: 0.3

vendor:ibmmodel:lotus notesscope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.4

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.3

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.2

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:9.0

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.1.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.5.0.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.4

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.3

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.2

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0.2.1

Trust: 0.3

vendor:ibmmodel:lotus dominoscope:eqversion:8.0

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:7

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:6

Trust: 0.3

vendor:ibmmodel:java sescope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:java sdkscope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:java sdk sr4-fp2scope:eqversion:7

Trust: 0.3

vendor:ibmmodel:java sdkscope:eqversion:7

Trust: 0.3

vendor:ibmmodel:java sdk sr5-fp2scope:eqversion:6.0.1

Trust: 0.3

vendor:ibmmodel:java sdk sr13-fp2scope:eqversion:6

Trust: 0.3

vendor:ibmmodel:java sdkscope:eqversion:6

Trust: 0.3

vendor:ibmmodel:java sdk sr16-fp2scope:eqversion:5.0

Trust: 0.3

vendor:ibmmodel:java sdkscope:eqversion:5

Trust: 0.3

vendor:ibmmodel:java sdk sr13-fp17scope:eqversion:1.4.2

Trust: 0.3

vendor:ibmmodel:integration busscope:eqversion:9.0.0.0

Trust: 0.3

vendor:ibmmodel:i v5r4scope: - version: -

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:iscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:flex system manager typesscope:eqversion:87341.3

Trust: 0.3

vendor:ibmmodel:flex system manager typesscope:eqversion:87341.1.0

Trust: 0.3

vendor:ibmmodel:flex system manager typesscope:eqversion:87311.3

Trust: 0.3

vendor:ibmmodel:flex system manager typesscope:eqversion:87311.1.0

Trust: 0.3

vendor:ibmmodel:flex system manager typesscope:eqversion:79551.3

Trust: 0.3

vendor:ibmmodel:flex system manager typesscope:eqversion:79551.1.0

Trust: 0.3

vendor:ibmmodel:cloudburstscope:eqversion:2.1.1

Trust: 0.3

vendor:ibmmodel:cloudburstscope:eqversion:2.1

Trust: 0.3

vendor:ibmmodel:cloudburstscope:eqversion:1.2

Trust: 0.3

vendor:hpmodel:hp-ux b.11.31scope: - version: -

Trust: 0.3

vendor:hpmodel:hp-ux b.11.11scope: - version: -

Trust: 0.3

vendor:hitachimodel:ucosminexus service platformscope:eqversion:8

Trust: 0.3

vendor:hitachimodel:ucosminexus service architectscope:eqversion:8

Trust: 0.3

vendor:hitachimodel:ucosminexus operatorscope:eqversion:8

Trust: 0.3

vendor:hitachimodel:ucosminexus developerscope:eqversion:09-00

Trust: 0.3

vendor:hitachimodel:ucosminexus clientscope:eqversion:8

Trust: 0.3

vendor:hitachimodel:ucosminexus application serverscope:eqversion:09-00

Trust: 0.3

vendor:hitachimodel:cosminexus studioscope:eqversion:5

Trust: 0.3

vendor:hitachimodel:cosminexus studioscope:eqversion:4.0

Trust: 0.3

vendor:hitachimodel:cosminexus server web editionscope:eqversion:-4

Trust: 0.3

vendor:hitachimodel:cosminexus server standard editionscope:eqversion:-4

Trust: 0.3

vendor:hitachimodel:cosminexus developerscope:eqversion:6.0

Trust: 0.3

vendor:hitachimodel:cosminexus developerscope:eqversion:5

Trust: 0.3

vendor:hitachimodel:cosminexus clientscope:eqversion:6

Trust: 0.3

vendor:hitachimodel:cosminexus application serverscope:eqversion:6.0

Trust: 0.3

vendor:hitachimodel:cosminexus application serverscope:eqversion:5.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:9.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:8.0

Trust: 0.3

vendor:hitachimodel:cosminexusscope:eqversion:7.0

Trust: 0.3

vendor:gentoomodel:linuxscope: - version: -

Trust: 0.3

vendor:debianmodel:linux sparcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux s/390scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux powerpcscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux mipsscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-64scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux ia-32scope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux armscope:eqversion:6.0

Trust: 0.3

vendor:debianmodel:linux amd64scope:eqversion:6.0

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:6

Trust: 0.3

vendor:centosmodel:centosscope:eqversion:5

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.3

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.2

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1.1

Trust: 0.3

vendor:avayamodel:voice portal sp3scope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:voice portal sp2scope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:voice portal sp1scope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:voice portalscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:proactive contactscope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:one-x client enablement servicesscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:messaging application serverscope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:message networkingscope:eqversion:6.2.0

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.1

Trust: 0.3

vendor:avayamodel:meeting exchangescope:eqversion:5.0

Trust: 0.3

vendor:avayamodel:irscope:eqversion:4.0

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.1

Trust: 0.3

vendor:avayamodel:ip office application serverscope:eqversion:8.0

Trust: 0.3

vendor:avayamodel:conferencing standard editionscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:conferencing standard editionscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:communication server 1000m signaling serverscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:communication server 1000mscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:communication server 1000e signaling serverscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.5

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:communication server 1000escope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:cms r17scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r16.3scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r16scope: - version: -

Trust: 0.3

vendor:avayamodel:cms r15scope: - version: -

Trust: 0.3

vendor:avayamodel:call management system r17.0scope: - version: -

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.9.3

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.8.3

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0.3.0.3

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.1

Trust: 0.3

vendor:avayamodel:aura system platformscope:eqversion:1.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura system manager sp3scope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.5

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura system manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura system manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura system managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:aura sip enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.5

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.3

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2.2

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:aura session manager sp2scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session manager sp1scope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura session managerscope:eqversion:5.2

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura presence services sp1scope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura presence servicesscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura messagingscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.2

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0.1

Trust: 0.3

vendor:avayamodel:aura experience portal sp2scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura experience portal sp1scope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura experience portalscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura conferencingscope:eqversion:7.0

Trust: 0.3

vendor:avayamodel:aura conferencing standardscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura conferencing sp1 standardscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.3

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.2

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura communication manager utility servicesscope:eqversion:6.0

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53003.0

Trust: 0.3

vendor:avayamodel:aura application server sip corescope:eqversion:53002.0

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.2

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:6.1

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.4

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.3

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2.2

Trust: 0.3

vendor:avayamodel:aura application enablement servicesscope:eqversion:5.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.5

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.4

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.3

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.2

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7.1

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.7

Trust: 0.3

vendor:applemodel:mac os serverscope:eqversion:x10.6.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.5

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.8

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.4

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.3

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.2

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7.1

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.7

Trust: 0.3

vendor:applemodel:mac osscope:eqversion:x10.6.8

Trust: 0.3

vendor:schneider electricmodel:trio tview softwarescope:neversion:3.29.0

Trust: 0.3

vendor:ibmmodel:websphere real time sr5scope:neversion:3

Trust: 0.3

vendor:ibmmodel:websphere message brokerscope:neversion:6.1.0.12

Trust: 0.3

vendor:ibmmodel:virtualization engine ts7700scope:neversion:8.31.0.89

Trust: 0.3

vendor:ibmmodel:tivoli system automation for integrated operations managementscope:neversion:2.1.1.5

Trust: 0.3

vendor:ibmmodel:lotus notes fix packscope:neversion:8.5.35

Trust: 0.3

vendor:ibmmodel:lotus domino fix packscope:neversion:8.5.35

Trust: 0.3

vendor:ibmmodel:java sdk sr5scope:neversion:7

Trust: 0.3

vendor:ibmmodel:java sdk sr6scope:neversion:6.0.1

Trust: 0.3

vendor:ibmmodel:java sdk sr14scope:neversion:6

Trust: 0.3

vendor:ibmmodel:java sdk sr16-fp3scope:neversion:5.0

Trust: 0.3

vendor:ibmmodel:java sdk sr13-fp18scope:neversion:1.4.2

Trust: 0.3

vendor:ibmmodel:integration busscope:neversion:9.0.0.1

Trust: 0.3

sources: ZDI: ZDI-13-160 // BID: 60640 // NVD: CVE-2013-2448

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2013-2448
value: HIGH

Trust: 1.0

ZDI: CVE-2013-2448
value: HIGH

Trust: 0.7

VULMON: CVE-2013-2448
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2013-2448
severity: HIGH
baseScore: 7.6
vectorString: AV:N/AC:H/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: HIGH
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 4.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: ZDI: ZDI-13-160 // VULMON: CVE-2013-2448 // NVD: CVE-2013-2448

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2013-2448

THREAT TYPE

network

Trust: 0.3

sources: BID: 60640

TYPE

Unknown

Trust: 0.3

sources: BID: 60640

PATCH

title:Oracle has issued an update to correct this vulnerability.url:http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html

Trust: 0.7

title:Ubuntu Security Notice: openjdk-7 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1907-1

Trust: 0.1

title:Debian Security Advisories: DSA-2727-1 openjdk-6 -- several vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=e7d6ea8eb77ee8911e5bbc08ff43f55c

Trust: 0.1

title:Ubuntu Security Notice: icedtea-web updateurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1907-2

Trust: 0.1

title:Ubuntu Security Notice: openjdk-6 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-1908-1

Trust: 0.1

title:Debian Security Advisories: DSA-2722-1 openjdk-7 -- several vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=29128f887c1069c9cc8e265bacca4512

Trust: 0.1

title:Amazon Linux AMI: ALAS-2013-207url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2013-207

Trust: 0.1

title:Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20131456 - Security Advisory

Trust: 0.1

title:Amazon Linux AMI: ALAS-2013-204url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2013-204

Trust: 0.1

title:Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security updateurl:https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20131455 - Security Advisory

Trust: 0.1

sources: ZDI: ZDI-13-160 // VULMON: CVE-2013-2448

EXTERNAL IDS

db:NVDid:CVE-2013-2448

Trust: 2.9

db:BIDid:60640

Trust: 1.4

db:SECUNIAid:54154

Trust: 1.1

db:USCERTid:TA13-169A

Trust: 1.1

db:ZDIid:ZDI-13-160

Trust: 1.0

db:ZDI_CANid:ZDI-CAN-1795

Trust: 0.7

db:HITACHIid:HS13-015

Trust: 0.3

db:ICS CERTid:ICSA-17-213-02

Trust: 0.3

db:VULMONid:CVE-2013-2448

Trust: 0.1

db:PACKETSTORMid:122551

Trust: 0.1

db:PACKETSTORMid:122879

Trust: 0.1

db:PACKETSTORMid:122405

Trust: 0.1

db:PACKETSTORMid:126195

Trust: 0.1

db:PACKETSTORMid:122109

Trust: 0.1

db:PACKETSTORMid:122273

Trust: 0.1

db:PACKETSTORMid:122084

Trust: 0.1

db:PACKETSTORMid:122522

Trust: 0.1

sources: ZDI: ZDI-13-160 // VULMON: CVE-2013-2448 // BID: 60640 // PACKETSTORM: 122551 // PACKETSTORM: 122879 // PACKETSTORM: 122405 // PACKETSTORM: 126195 // PACKETSTORM: 122109 // PACKETSTORM: 122273 // PACKETSTORM: 122084 // PACKETSTORM: 122522 // NVD: CVE-2013-2448

REFERENCES

url:http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html

Trust: 2.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21642336

Trust: 1.4

url:http://rhn.redhat.com/errata/rhsa-2013-0963.html

Trust: 1.2

url:http://rhn.redhat.com/errata/rhsa-2013-1060.html

Trust: 1.2

url:http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/91ce9432f88d

Trust: 1.1

url:https://bugzilla.redhat.com/show_bug.cgi?id=975125

Trust: 1.1

url:http://secunia.com/advisories/54154

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2013-1081.html

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html

Trust: 1.1

url:http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c03898880

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2013-1455.html

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2013-1456.html

Trust: 1.1

url:http://www.us-cert.gov/ncas/alerts/ta13-169a

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=137545592101387&w=2

Trust: 1.1

url:http://marc.info/?l=bugtraq&m=137545505800971&w=2

Trust: 1.1

url:http://www.mandriva.com/security/advisories?name=mdvsa-2013:183

Trust: 1.1

url:http://rhn.redhat.com/errata/rhsa-2013-1059.html

Trust: 1.1

url:http://advisories.mageia.org/mgasa-2013-0185.html

Trust: 1.1

url:http://security.gentoo.org/glsa/glsa-201406-32.xml

Trust: 1.1

url:http://www.securityfocus.com/bid/60640

Trust: 1.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19692

Trust: 1.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19669

Trust: 1.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19632

Trust: 1.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a17052

Trust: 1.1

url:http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html

Trust: 1.1

url:https://access.redhat.com/errata/rhsa-2014:0414

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2447

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2013-1500

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2013-2452

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2013-1571

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2013-2448

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2013-2446

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2013-2444

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2013-2450

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2013-2456

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-2445

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-2407

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-2463

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-2412

Trust: 0.7

url:https://nvd.nist.gov/vuln/detail/cve-2013-2453

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2013-2455

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2013-2457

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2013-2443

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2013-2459

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2013-2465

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2013-2469

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2013-2461

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2013-2451

Trust: 0.5

url:https://nvd.nist.gov/vuln/detail/cve-2013-2454

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2412.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2463.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2446.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-1500.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2455.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2459.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2456.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2444.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2407.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2447.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2452.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2470.html

Trust: 0.5

url:https://access.redhat.com/security/team/contact/

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-1571.html

Trust: 0.5

url:https://www.redhat.com/mailman/listinfo/rhsa-announce

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2448.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2465.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2472.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2471.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2453.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2473.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2469.html

Trust: 0.5

url:https://access.redhat.com/security/team/key/#package

Trust: 0.5

url:http://bugzilla.redhat.com/):

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2450.html

Trust: 0.5

url:https://www.redhat.com/security/data/cve/cve-2013-2457.html

Trust: 0.5

url:http://www.ibm.com/developerworks/java/jdk/alerts/

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2013-2470

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2013-2472

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2013-2471

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2013-2454.html

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2013-2458

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2013-2449

Trust: 0.4

url:https://access.redhat.com/knowledge/articles/11258

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2013-2445.html

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2013-2443.html

Trust: 0.4

url:https://www.redhat.com/security/data/cve/cve-2013-2461.html

Trust: 0.4

url:http://www.oracle.com/index.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas36583326fc6c02fdf86257bc60079968c

Trust: 0.3

url:https://ics-cert.us-cert.gov/advisories/icsa-17-213-02

Trust: 0.3

url:http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jtfhr2..t.cyta.7%2a%2ak.bw89mq%5f%5fdehufqb0

Trust: 0.3

url:http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jtfhr2..t.cytc.7%2a%2ak.bw89mq%5f%5fdeoifqd0

Trust: 0.3

url:http://alerts.hp.com/r?2.1.3kt.2zr.xg7ek.jz8iz8..t.d3wy.82bm.bw89mq%5f%5fcviafmb0

Trust: 0.3

url:http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs13-015/index.html

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg400001621

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21616490

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21640206

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21647053

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100173341

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas8n1019760

Trust: 0.3

url:https://downloads.avaya.com/css/p8/documents/100175056

Trust: 0.3

url:http://www.zerodayinitiative.com/advisories/zdi-13-160/

Trust: 0.3

url:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=migr-5094215

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21644918

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21647384

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?uid=swg21643697

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21650599

Trust: 0.3

url:https://www-304.ibm.com/support/docview.wss?uid=ssg1s1004514

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21659761

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21645500

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21648074

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas384b70812e39ffb2d86257bbf00581b8d

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas301d21b03888172bd86257bbf00581b95

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas3d553b85edf79912386257bbf00581ba9

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=nas3a3a4ad6297e8c3df86257bbf00581bb1

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21652561

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg24036927

Trust: 0.3

url:http://www.ubuntu.com/usn/usn-1908-1/

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21663487

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21663199

Trust: 0.3

url:http://www.xerox.com/download/security/security-bulletin/12047-4e4eed8d42ca6/cert_xrx13-007_v1.0.pdf

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2013-2473

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-2468.html

Trust: 0.3

url:https://access.redhat.com/security/updates/classification/#critical

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-2442.html

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2013-2442

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-2460.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-2464.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-2449.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-2466.html

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2013-2437

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2013-2460

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-2437.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-2451.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-2458.html

Trust: 0.3

url:https://www.redhat.com/security/data/cve/cve-2013-3744.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2013-2464

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2013-2400

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2013-2466

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-2400.html

Trust: 0.2

url:https://www.redhat.com/security/data/cve/cve-2013-2462.html

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2013-2462

Trust: 0.2

url:https://access.redhat.com/security/updates/classification/#important

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:http://tools.cisco.com/security/center/viewalert.x?alertid=29861

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://usn.ubuntu.com/1907-1/

Trust: 0.1

url:http://www.debian.org/security/faq

Trust: 0.1

url:http://www.debian.org/security/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-1569

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2424

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-1518

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-0401

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2420

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-1491

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2439

Trust: 0.1

url:http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2394

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2383

Trust: 0.1

url:http://www.hp.com/go/java

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-1557

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2384

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2430

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2433

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2429

Trust: 0.1

url:https://www.hp.com/go/swa

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2419

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-1537

Trust: 0.1

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/

Trust: 0.1

url:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2417

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2432

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0451.html

Trust: 0.1

url:http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0449.html

Trust: 0.1

url:https://access.redhat.com/site/articles/11258

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5896.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5817.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0452.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5797.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2428.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0428.html

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2014-0414.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5910.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0446.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5782.html

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-2468

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5802.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5803.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5832.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5778.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5823.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5899.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5783.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0457.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5801.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5780.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2420.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2409.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-6629.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0416.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0453.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-6954.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5818.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5824.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5789.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-3743.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0403.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5850.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5812.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5842.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0422.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5902.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5849.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0368.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5889.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0415.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2403.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0375.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5831.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0423.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5878.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5776.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0376.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5848.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0410.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5852.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5840.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2427.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-3829.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5907.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5772.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0373.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0458.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0411.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0460.html

Trust: 0.1

url:http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5905.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0417.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0424.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5819.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2412.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2398.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5820.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5809.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5898.html

Trust: 0.1

url:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2421.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5884.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5825.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5774.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0461.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2423.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5830.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2414.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5784.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5887.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-4002.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0418.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5906.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0387.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-1876.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-2401.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0456.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5790.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5787.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5804.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5843.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5888.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5814.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2014-0429.html

Trust: 0.1

url:https://www.redhat.com/security/data/cve/cve-2013-5829.html

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2013-1014.html

Trust: 0.1

url:http://icedtea.classpath.org/hg/release/icedtea7-2.3/file/icedtea-2.3.10/news

Trust: 0.1

url:https://rhn.redhat.com/errata/rhba-2013-0959.html

Trust: 0.1

url:https://rhn.redhat.com/errata/rhsa-2013-0957.html

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.6-1ubuntu0.10.04.2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openjdk-6/6b27-1.12.6-1ubuntu0.12.04.2

Trust: 0.1

url:http://www.ubuntu.com/usn/usn-1908-1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2013-3743

Trust: 0.1

sources: ZDI: ZDI-13-160 // VULMON: CVE-2013-2448 // BID: 60640 // PACKETSTORM: 122551 // PACKETSTORM: 122879 // PACKETSTORM: 122405 // PACKETSTORM: 126195 // PACKETSTORM: 122109 // PACKETSTORM: 122273 // PACKETSTORM: 122084 // PACKETSTORM: 122522 // NVD: CVE-2013-2448

CREDITS

Ben Murphy

Trust: 0.7

sources: ZDI: ZDI-13-160

SOURCES

db:ZDIid:ZDI-13-160
db:VULMONid:CVE-2013-2448
db:BIDid:60640
db:PACKETSTORMid:122551
db:PACKETSTORMid:122879
db:PACKETSTORMid:122405
db:PACKETSTORMid:126195
db:PACKETSTORMid:122109
db:PACKETSTORMid:122273
db:PACKETSTORMid:122084
db:PACKETSTORMid:122522
db:NVDid:CVE-2013-2448

LAST UPDATE DATE

2024-11-22T19:31:54.667000+00:00


SOURCES UPDATE DATE

db:ZDIid:ZDI-13-160date:2013-06-27T00:00:00
db:VULMONid:CVE-2013-2448date:2018-01-05T00:00:00
db:BIDid:60640date:2017-08-14T20:12:00
db:NVDid:CVE-2013-2448date:2022-05-13T14:52:53.670

SOURCES RELEASE DATE

db:ZDIid:ZDI-13-160date:2013-06-27T00:00:00
db:VULMONid:CVE-2013-2448date:2013-06-18T00:00:00
db:BIDid:60640date:2013-06-18T00:00:00
db:PACKETSTORMid:122551date:2013-07-25T21:29:30
db:PACKETSTORMid:122879date:2013-08-20T17:55:00
db:PACKETSTORMid:122405date:2013-07-15T14:57:00
db:PACKETSTORMid:126195date:2014-04-17T22:01:36
db:PACKETSTORMid:122109date:2013-06-21T01:38:12
db:PACKETSTORMid:122273date:2013-07-03T19:05:30
db:PACKETSTORMid:122084date:2013-06-20T00:47:46
db:PACKETSTORMid:122522date:2013-07-24T01:34:03
db:NVDid:CVE-2013-2448date:2013-06-18T22:55:02.453