Vulnerability CVE-2013-2464 - CERT Civis.Net

Vulnerability Name:

CVE-2013-2464 (CCN-85030)

Assigned:

2013-06-18

Published:

2013-06-18

Updated:

2022-05-13

Summary:

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, and CVE-2013-2473.

CVSS v3 Severity:

10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Changed
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

10.0 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

6.8 Medium (REDHAT CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2013-2464

Source: HP
Type: UNKNOWN
SSRT101305

Source: SUSE
Type: UNKNOWN
SUSE-SU-2013:1255

Source: SUSE
Type: UNKNOWN
SUSE-SU-2013:1256

Source: SUSE
Type: UNKNOWN
SUSE-SU-2013:1257

Source: SUSE
Type: UNKNOWN
SUSE-SU-2013:1263

Source: SUSE
Type: UNKNOWN
SUSE-SU-2013:1264

Source: SUSE
Type: UNKNOWN
SUSE-SU-2013:1293

Source: SUSE
Type: UNKNOWN
SUSE-SU-2013:1305

Source: HP
Type: UNKNOWN
HPSBUX02907

Source: HP
Type: UNKNOWN
HPSBUX02908

Source: CCN
Type: RHSA-2013-0963
Critical: java-1.7.0-oracle security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:0963

Source: CCN
Type: RHSA-2013-1059
Critical: java-1.6.0-ibm security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:1059

Source: CCN
Type: RHSA-2013-1060
Critical: java-1.7.0-ibm security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:1060

Source: CCN
Type: RHSA-2013-1081
Important: java-1.5.0-ibm security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:1081

Source: CCN
Type: RHSA-2013-1455
Low: Red Hat Network Satellite server IBM Java Runtime security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:1455

Source: CCN
Type: RHSA-2013-1456
Low: Red Hat Network Satellite server IBM Java Runtime security update

Source: REDHAT
Type: UNKNOWN
RHSA-2013:1456

Source: CCN
Type: SA53759
Hitachi Cosminexus Products Oracle Java Multiple Vulnerabilities

Source: CCN
Type: SA53846
Oracle Java Multiple Vulnerabilities

Source: CCN
Type: SA53890
Apple Mac OS X update for Java

Source: CCN
Type: SA54154
IBM Java Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
54154

Source: CCN
Type: Apple Web site
About the security content of Java for OS X 2013-004 and Mac OS X v10.6 Update 16

Source: CCN
Type: IBM Security Bulletin 1642336
Multiple vulnerabilities in IBM WebSphere Real Time

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21642336

Source: CCN
Type: IBM Security Bulletin 1647053
Multiple security vulnerabilities in IBM JREs 5 & 7

Source: CCN
Type: IBM Security Bulletin 1647384
IBM Operational Decision Manager and WebSphere ILOG JRules: Multiple security vulnerabilities in IBM JRE

Source: CCN
Type: IBM Security Bulletin 1649801
IBM Tivoli Composite Application Manager for Transactions affected by vulnerabilities in IBM JRE (Multiple CVEs)

Source: CCN
Type: IBM Security Bulletin 1650778
IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE executed under a security manager

Source: CCN
Type: IBM Security Bulletin 1652561
TADDM 7.2.2.0 and 7.2.1.5: Vulnerabilities in embedded JRE

Source: CCN
Type: IBM Security Bulletin 1653090
CICS Transaction Gateway for Multiplatforms

Source: CCN
Type: Hitachi Security Vulnerability Information HS13-015
Multiple Vulnerabilities in Cosminexus

Source: CCN
Type: IBM Security Bulletin 1650599
IBM Tivoli System Automation for Integrated Operations Management 2.1.1 Vulnerability

Source: CCN
Type: IBM Security Bulletin 1659761
Multiple IBM SDK Java Technology Edition, Version 6 security vulnerabilities addressed in Tivoli Endpoint Manager for Remote Control

Source: CCN
Type: Oracle Web site
Oracle Java SE Critical Patch Update Advisory - June 2013

Source: CONFIRM
Type: Vendor Advisory
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html

Source: BID
Type: UNKNOWN
60631

Source: CCN
Type: BID-60631
Oracle Java SE CVE-2013-2464 Memory Corruption Vulnerability

Source: CERT
Type: US Government Resource
TA13-169A

Source: REDHAT
Type: UNKNOWN
RHSA-2014:0414

Source: XF
Type: UNKNOWN
oracle-javacpujun2013-cve20132464(85030)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:16389

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:19227

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:19390

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:19708

Source: CCN
Type: ZDI-13-157
Oracle Java CMMImageLayout Memory Corruption Remote Code Execution Vulnerability

Vulnerable Configuration:

Configuration 1:

cpe:/a:oracle:jre:1.7.0:update9:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update15:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update6:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update3:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update13:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update10:*:*:*:*:*:*

OR cpe:/a:oracle:jre:*:update21:*:*:*:*:*:* (Version <= 1.7.0)

OR cpe:/a:oracle:jre:1.7.0:update11:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update2:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update5:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update1:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update7:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update4:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update17:*:*:*:*:*:*

Configuration 2:

cpe:/a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:*:update21:*:*:*:*:*:* (Version <= 1.7.0)

OR cpe:/a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*

Configuration 3:

cpe:/a:sun:jre:1.6.0:update_3:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_5:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_13:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_1:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_2:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_16:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_20:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_15:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_6:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_19:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update35:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update27:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update26:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_18:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_17:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_10:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_9:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:-:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update33:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update25:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update24:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_7:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update39:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update30:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_12:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_11:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update32:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_21:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_14:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.6.0:update_4:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update37:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update34:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update41:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update43:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update38:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update29:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update31:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update23:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.6.0:update22:*:*:*:*:*:*

OR cpe:/a:oracle:jre:*:update45:*:*:*:*:*:* (Version <= 1.6.0)

Configuration 4:

cpe:/a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:-:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update1:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.6.0:update2:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:*:update45:*:*:*:*:*:* (Version <= 1.6.0)

Configuration 5:

cpe:/a:sun:jre:1.5.0:update22:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update31:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:-:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update18:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update27:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update2:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update13:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update24:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update12:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update26:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update33:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update21:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update14:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update5:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update4:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update28:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update23:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update16:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update15:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update8:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update7:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update6:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update20:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update19:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update11:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update3:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update25:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update10:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update9:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update1:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update29:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.5.0:update41:*:*:*:*:*:*

OR cpe:/a:oracle:jre:*:update45:*:*:*:*:*:* (Version <= 1.5.0)

OR cpe:/a:oracle:jre:1.5.0:update38:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.5.0:update36:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.5.0:update40:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.5.0:update39:*:*:*:*:*:*

OR cpe:/a:sun:jre:1.5.0:update17:*:*:*:*:*:*

Configuration 6:

cpe:/a:sun:jdk:1.5.0:update20:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update15:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update18:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update27:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update3:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update21:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update31:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update11:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update26:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update16:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update28:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update5:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update4:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update29:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update12:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update7:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update6:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update25:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update17:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update9:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update2:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update1:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update33:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update24:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update23:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update22:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update14:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:-:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update19:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:*:update45:*:*:*:*:*:* (Version <= 1.5.0)

OR cpe:/a:sun:jdk:1.5.0:update13:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.5.0:update39:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update10:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*

OR cpe:/a:sun:jdk:1.5.0:update8:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:rhel_extras_oracle_java:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:rhel_extras_oracle_java:6:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:oracle:jre:1.7.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update1:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update2:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update4:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update3:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:*:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update6:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update5:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update7:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update9:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update10:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update11:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update13:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update15:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update17:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*

OR cpe:/a:oracle:jre:1.7.0:update21:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*

AND

cpe:/a:hitachi:cosminexus_application_server:6:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_message_broker:6.1:*:*:*:*:*:*:*

OR cpe:/a:hitachi:cosminexus_developer:5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x:10.6.8:*:*:*:*:*:*:*

OR cpe:/o:apple:mac_os_x_server:10.6.8:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:operational_decision_manager:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:operational_decision_manager:7.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:operational_decision_manager:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:integration_bus:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.2.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_endpoint_manager:8.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7729	P	p7zip-16.02-150200.14.9.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7707	P	libykcs11-1-1.6.2-4.30 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:20132464	V	CVE-2013-2464	2022-05-20
oval:org.opensuse.security:def:33794	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:29495	P	Security update for net-snmp (Important)	2022-01-05
oval:org.opensuse.security:def:26188	P	Security update for gegl (Important)	2021-12-28
oval:org.opensuse.security:def:33066	P	Security update for chrony (Moderate)	2021-12-22
oval:org.opensuse.security:def:33065	P	Security update for xorg-x11-server (Important)	2021-12-20
oval:org.opensuse.security:def:7005	P	Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP1) (Important)	2021-12-14
oval:org.opensuse.security:def:26177	P	Security update for webkit2gtk3 (Important)	2021-12-01
oval:org.opensuse.security:def:26176	P	Security update for speex (Moderate)	2021-12-01
oval:org.opensuse.security:def:33745	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:34579	P	Security update for java-11-openjdk (Important)	2021-10-27
oval:org.opensuse.security:def:6980	P	Security update for the Linux Kernel (Live Patch 22 for SLE 15 SP1) (Important)	2021-10-14
oval:org.opensuse.security:def:34539	P	Security update for postgresql13 (Moderate)	2021-09-16
oval:org.opensuse.security:def:29410	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:33688	P	Security update for systemd (Important)	2021-07-21
oval:org.opensuse.security:def:36495	P	libtirpc-devel-0.2.1-1.7.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36537	P	perl-base-32bit-5.10.0-64.72.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:6905	P	Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP1) (Important)	2021-05-25
oval:org.opensuse.security:def:33901	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:13238	P	java-1_6_0-ibm-1.6.0_sr16.1-5.9 on GA media (Moderate)	2021-04-29
oval:org.opensuse.security:def:46358	P	java-1_6_0-ibm-1.6.0_sr16.1-5.9 on GA media (Moderate)	2021-04-29
oval:org.opensuse.security:def:6886	P	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP1) (Important)	2021-04-28
oval:org.opensuse.security:def:29353	P	Security update for gdm (Important)	2021-04-28
oval:org.opensuse.security:def:6871	P	Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP1) (Important)	2021-04-07
oval:org.opensuse.security:def:7069	P	Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP2) (Important)	2021-04-07
oval:org.opensuse.security:def:33077	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:7056	P	Security update for the Linux Kernel (Important)	2020-12-10
oval:org.opensuse.security:def:35785	P	mono-core-2.6.7-0.7.19 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35697	P	findutils-4.4.0-38.26.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35813	P	python-sssd-config-1.5.11-0.9.96 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35746	P	libfreebl3-3.13.1-0.2.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35638	P	squid-2.7.STABLE5-2.4.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35857	P	PackageKit-0.3.14-2.28.46 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:33291	P	xinetd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26894	P	file-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29136	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:34999	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:29648	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:29055	P	Security update for bind (Moderate)	2020-12-01
oval:org.opensuse.security:def:35388	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:29852	P	Security update for the Linux Kernel	2020-12-01
oval:org.opensuse.security:def:26380	P	Security update for irssi (Moderate)	2020-12-01
oval:org.opensuse.security:def:7038	P	libgadu3 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26806	P	perl-libwww-perl on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33531	P	Security update for Xerces-j2	2020-12-01
oval:org.opensuse.security:def:27590	P	xorg-x11-server-sdk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33857	P	Security update for ipsec-tools (Moderate)	2020-12-01
oval:org.opensuse.security:def:35230	P	Security update for libmspack (Moderate)	2020-12-01
oval:org.opensuse.security:def:29790	P	Security update for gtk2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:6778	P	libvte9 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:6748	P	libqt4-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26602	P	libsndfile on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33386	P	Security update for compat-openssl097g (Moderate)	2020-12-01
oval:org.opensuse.security:def:26908	P	gnutls on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29267	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:35010	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:29702	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:29056	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:35478	P	Security update for php53 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30490	P	Security update for dhcpcd (Important)	2020-12-01
oval:org.opensuse.security:def:26461	P	Security update for chromium (Important)	2020-12-01
oval:org.opensuse.security:def:7047	P	libhogweed2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33156	P	libjasper on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26855	P	OpenEXR on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:29067	P	Security update for clamav (Important)	2020-12-01
oval:org.opensuse.security:def:27625	P	Security update for java-1_4_2-ibm	2020-12-01
oval:org.opensuse.security:def:35331	P	Security update for minicom (Moderate)	2020-12-01
oval:org.opensuse.security:def:29808	P	Security update for jakarta-commons-fileupload	2020-12-01
oval:org.opensuse.security:def:6824	P	python-libxml2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26252	P	Security update for mariadb-100 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26753	P	libmysqlclient15-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33443	P	Security update for fetchmail	2020-12-01
oval:org.opensuse.security:def:26952	P	libgtop on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33833	P	Security update for gnutls (Moderate)	2020-12-01
oval:org.opensuse.security:def:35094	P	Security update for Linux kernel	2020-12-01
oval:org.opensuse.security:def:29751	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:6756	P	libsndfile1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:30527	P	Security update for java-1_4_2-ibm	2020-12-01
oval:org.opensuse.security:def:34998	P	Security update for glibc (Important)	2020-12-01
oval:org.opensuse.security:def:26518	P	OpenEXR on GA media (Moderate)	2020-12-01
oval:com.redhat.rhsa:def:20140414	P	RHSA-2014:0414: java-1.6.0-sun security update (Important)	2017-12-15
oval:org.mitre.oval:def:19227	V	HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities	2015-04-20
oval:org.mitre.oval:def:19390	V	HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities	2015-04-20
oval:org.mitre.oval:def:19708	V	HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities	2015-04-20
oval:org.mitre.oval:def:16389	V	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.	2015-03-23
oval:org.mitre.oval:def:21131	P	RHSA-2013:1060: java-1.7.0-ibm security update (Critical)	2015-03-09
oval:org.mitre.oval:def:21196	P	RHSA-2013:1081: java-1.5.0-ibm security update (Important)	2015-03-09
oval:org.mitre.oval:def:21219	P	RHSA-2013:1059: java-1.6.0-ibm security update (Critical)	2015-03-09
oval:org.mitre.oval:def:25636	P	SUSE-SU-2013:1255-3 -- Security update for IBM Java 1.6.0	2014-09-08
oval:org.mitre.oval:def:25772	P	SUSE-SU-2013:1263-2 -- Security update for java-1_5_0-ibm	2014-09-08
oval:org.mitre.oval:def:25907	P	SUSE-SU-2013:1255-1 -- Security update for java-1_6_0-ibm	2014-09-08
oval:org.mitre.oval:def:25638	P	SUSE-SU-2013:1305-1 -- Security update for IBM Java 1.6.0	2014-09-08
oval:org.mitre.oval:def:25783	P	SUSE-SU-2013:1293-2 -- Security update for IBM Java 1.4.2	2014-09-08
oval:org.mitre.oval:def:25723	P	SUSE-SU-2013:1255-2 -- Security update for java-1_6_0-ibm	2014-09-08
oval:org.mitre.oval:def:25834	P	SUSE-SU-2013:1264-1 -- Security update for java-1_4_2-ibm	2014-09-08
oval:org.mitre.oval:def:25263	P	SUSE-SU-2013:1263-1 -- Security update for java-1_5_0-ibm	2014-09-08
oval:org.mitre.oval:def:25758	P	SUSE-SU-2013:1257-1 -- Security update for java-1_7_0-ibm	2014-09-08
oval:org.mitre.oval:def:25853	P	SUSE-SU-2013:1256-1 -- Security update for java-1_7_0-ibm	2014-09-08
oval:org.mitre.oval:def:24739	P	ELSA-2014:0414: java-1.6.0-sun security update (Important)	2014-07-21
oval:org.mitre.oval:def:24557	P	RHSA-2014:0414: java-1.6.0-sun security update (Important)	2014-06-09
oval:org.mitre.oval:def:23596	P	ELSA-2013:1060: java-1.7.0-ibm security update (Critical)	2014-05-26
oval:org.mitre.oval:def:23756	P	ELSA-2013:0963: java-1.7.0-oracle security update (Critical)	2014-05-26
oval:org.mitre.oval:def:24028	P	ELSA-2013:1081: java-1.5.0-ibm security update (Important)	2014-05-26
oval:org.mitre.oval:def:24095	P	ELSA-2013:1059: java-1.6.0-ibm security update (Critical)	2014-05-26
oval:org.mitre.oval:def:20743	P	RHSA-2013:0963: java-1.7.0-oracle security update (Critical)	2014-02-17
oval:com.redhat.rhsa:def:20131081	P	RHSA-2013:1081: java-1.5.0-ibm security update (Important)	2013-07-16
oval:com.redhat.rhsa:def:20131059	P	RHSA-2013:1059: java-1.6.0-ibm security update (Critical)	2013-07-15
oval:com.redhat.rhsa:def:20131060	P	RHSA-2013:1060: java-1.7.0-ibm security update (Critical)	2013-07-15
oval:com.redhat.rhsa:def:20130963	P	RHSA-2013:0963: java-1.7.0-oracle security update (Critical)	2013-06-20
oval:com.ubuntu.precise:def:20132464000	V	CVE-2013-2464 on Ubuntu 12.04 LTS (precise) - medium.	2013-06-18