CVE-2013-1571

Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
oraclejdk
𝑥
≤ 1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
oraclejdk
𝑥
≤ 1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
𝑥
≤ 1.5.0
oraclejdk
1.5.0
oraclejdk
1.5.0
oraclejdk
1.5.0
oraclejdk
1.5.0
oraclejdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
oraclejre
𝑥
≤ 1.5.0
oraclejre
1.5.0
oraclejre
1.5.0
oraclejre
1.5.0
oraclejre
1.5.0
oraclejre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
oraclejre
𝑥
≤ 1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
𝑥
≤ 1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
oraclejavafx
𝑥
≤ 2.2.21
oraclejavafx
2.0
oraclejavafx
2.0.2
oraclejavafx
2.0.3
oraclejavafx
2.1
oraclejavafx
2.2
oraclejavafx
2.2.3
oraclejavafx
2.2.4
oraclejavafx
2.2.5
oraclejavafx
2.2.7
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openjdk-6
lucid
Fixed 6b27-1.12.6-1ubuntu0.10.04.1
released
precise
Fixed 6b27-1.12.6-1ubuntu0.12.04.1
released
quantal
Fixed 6b27-1.12.6-1ubuntu0.12.10.2
released
raring
Fixed 6b27-1.12.6-1ubuntu0.13.04.2
released
openjdk-6b18
lucid
ignored
precise
dne
quantal
dne
raring
dne
openjdk-7
lucid
dne
precise
Fixed 7u25-2.3.10-1ubuntu0.12.04.2
released
quantal
Fixed 7u25-2.3.10-1ubuntu0.12.10.2
released
raring
Fixed 7u25-2.3.10-1ubuntu0.13.04.2
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
ant
suse enterprise desktop 15
1.9.10-1.34
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 12 SP5
1.9.4-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.34
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 12 SP2
1.9.4-1.6
fixed
suse enterprise server 12 SP5
1.9.4-3.3.1
fixed
suse enterprise server 15
1.9.10-1.34
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-antlr
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-apache-bcel
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-apache-bsf
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-apache-log4j
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-apache-oro
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-apache-regexp
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-apache-resolver
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-commons-logging
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-javamail
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-jdepend
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-jmf
suse enterprise desktop 15
1.9.10-1.34
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.34
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.34
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-junit
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-manual
suse enterprise desktop 15
1.9.10-1.33
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.33
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.33
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-scripts
suse enterprise desktop 15
1.9.10-1.34
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.34
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.34
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
ant-swing
suse enterprise desktop 15
1.9.10-1.34
fixed
suse enterprise desktop 15 SP1
1.9.10-3.3.1
fixed
suse enterprise sap 15
1.9.10-1.34
fixed
suse enterprise sap 15 SP1
1.9.10-3.3.1
fixed
suse enterprise server 15
1.9.10-1.34
fixed
suse enterprise server 15 SP1
1.9.10-3.3.1
fixed
java-1_7_0-openjdk
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-demo
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-devel
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-headless
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.5.0-ibm
RHEL 6
1:1.5.0.16.3-1jpp.1.el6_4
fixed
java-1.5.0-ibm-demo
RHEL 6
1:1.5.0.16.3-1jpp.1.el6_4
fixed
java-1.5.0-ibm-devel
RHEL 6
1:1.5.0.16.3-1jpp.1.el6_4
fixed
java-1.5.0-ibm-javacomm
RHEL 6
1:1.5.0.16.3-1jpp.1.el6_4
fixed
java-1.5.0-ibm-jdbc
RHEL 6
1:1.5.0.16.3-1jpp.1.el6_4
fixed
java-1.5.0-ibm-plugin
RHEL 6
1:1.5.0.16.3-1jpp.1.el6_4
fixed
java-1.5.0-ibm-src
RHEL 6
1:1.5.0.16.3-1jpp.1.el6_4
fixed
java-1.6.0-ibm
RHEL 6
1:1.6.0.14.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-demo
RHEL 6
1:1.6.0.14.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-devel
RHEL 6
1:1.6.0.14.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-javacomm
RHEL 6
1:1.6.0.14.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-jdbc
RHEL 6
1:1.6.0.14.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-plugin
RHEL 6
1:1.6.0.14.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-src
RHEL 6
1:1.6.0.14.0-1jpp.1.el6_4
fixed
java-1.6.0-openjdk
RHEL 6
1:1.6.0.0-1.62.1.11.11.90.el6_4
fixed
java-1.6.0-openjdk-demo
RHEL 6
1:1.6.0.0-1.62.1.11.11.90.el6_4
fixed
java-1.6.0-openjdk-devel
RHEL 6
1:1.6.0.0-1.62.1.11.11.90.el6_4
fixed
java-1.6.0-openjdk-javadoc
RHEL 6
1:1.6.0.0-1.62.1.11.11.90.el6_4
fixed
java-1.6.0-openjdk-src
RHEL 6
1:1.6.0.0-1.62.1.11.11.90.el6_4
fixed
java-1.7.0-ibm
RHEL 6
1:1.7.0.5.0-1jpp.2.el6_4
fixed
java-1.7.0-ibm-demo
RHEL 6
1:1.7.0.5.0-1jpp.2.el6_4
fixed
java-1.7.0-ibm-devel
RHEL 6
1:1.7.0.5.0-1jpp.2.el6_4
fixed
java-1.7.0-ibm-jdbc
RHEL 6
1:1.7.0.5.0-1jpp.2.el6_4
fixed
java-1.7.0-ibm-plugin
RHEL 6
1:1.7.0.5.0-1jpp.2.el6_4
fixed
java-1.7.0-ibm-src
RHEL 6
1:1.7.0.5.0-1jpp.2.el6_4
fixed
java-1.7.0-openjdk
RHEL 6
1:1.7.0.25-2.3.10.3.el6_4
fixed
java-1.7.0-openjdk-demo
RHEL 6
1:1.7.0.25-2.3.10.3.el6_4
fixed
java-1.7.0-openjdk-devel
RHEL 6
1:1.7.0.25-2.3.10.3.el6_4
fixed
java-1.7.0-openjdk-javadoc
RHEL 6
1:1.7.0.25-2.3.10.3.el6_4
fixed
java-1.7.0-openjdk-src
RHEL 6
1:1.7.0.25-2.3.10.3.el6_4
fixed
java-1.7.0-oracle
RHEL 6
1:1.7.0.25-1jpp.1.el6_4
fixed
java-1.7.0-oracle-devel
RHEL 6
1:1.7.0.25-1jpp.1.el6_4
fixed
java-1.7.0-oracle-javafx
RHEL 6
1:1.7.0.25-1jpp.1.el6_4
fixed
java-1.7.0-oracle-jdbc
RHEL 6
1:1.7.0.25-1jpp.1.el6_4
fixed
java-1.7.0-oracle-plugin
RHEL 6
1:1.7.0.25-1jpp.1.el6_4
fixed
java-1.7.0-oracle-src
RHEL 6
1:1.7.0.25-1jpp.1.el6_4
fixed
References
http://advisories.mageia.org/MGASA-2013-0185.html
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/langtools/rev/17ee569d0c01
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
http://marc.info/?l=bugtraq&m=137545505800971&w=2
http://marc.info/?l=bugtraq&m=137545592101387&w=2
http://rhn.redhat.com/errata/RHSA-2013-0963.html
http://rhn.redhat.com/errata/RHSA-2013-1059.html
http://rhn.redhat.com/errata/RHSA-2013-1060.html
http://rhn.redhat.com/errata/RHSA-2013-1081.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://secunia.com/advisories/54154
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://www-01.ibm.com/support/docview.wss?uid=swg21642336
http://www-01.ibm.com/support/docview.wss?uid=swg21644197
http://www.kb.cert.org/vuls/id/225657
http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
http://www.securityfocus.com/bid/60634
http://www.us-cert.gov/ncas/alerts/TA13-169A
https://access.redhat.com/errata/RHSA-2014:0414
https://bugzilla.redhat.com/show_bug.cgi?id=973474
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17215
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19518
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19667
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19718
http://advisories.mageia.org/MGASA-2013-0185.html
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/langtools/rev/17ee569d0c01
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
http://marc.info/?l=bugtraq&m=137545505800971&w=2
http://marc.info/?l=bugtraq&m=137545592101387&w=2
http://rhn.redhat.com/errata/RHSA-2013-0963.html
http://rhn.redhat.com/errata/RHSA-2013-1059.html
http://rhn.redhat.com/errata/RHSA-2013-1060.html
http://rhn.redhat.com/errata/RHSA-2013-1081.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://secunia.com/advisories/54154
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://www-01.ibm.com/support/docview.wss?uid=swg21642336
http://www-01.ibm.com/support/docview.wss?uid=swg21644197
http://www.kb.cert.org/vuls/id/225657
http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
http://www.securityfocus.com/bid/60634
http://www.us-cert.gov/ncas/alerts/TA13-169A
https://access.redhat.com/errata/RHSA-2014:0414
https://bugzilla.redhat.com/show_bug.cgi?id=973474
https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17215
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19518
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19667
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19718