CVE-2013-2439

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 27%
Affected Products (NVD)
VendorProductVersion
oraclejre
𝑥
≤ 1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejdk
𝑥
≤ 1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejdk
1.7.0
oraclejre
𝑥
≤ 1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
oraclejre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
sunjre
1.6.0
oraclejdk
𝑥
≤ 1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
oraclejdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
sunjdk
1.6.0
oraclejre
𝑥
≤ 1.5.0
oraclejre
1.5.0
oraclejre
1.5.0
oraclejre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
sunjre
1.5.0
oraclejdk
𝑥
≤ 1.5.0
oraclejdk
1.5.0
oraclejdk
1.5.0
oraclejdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
sunjdk
1.5.0
oraclejavafx
𝑥
≤ 2.2.7
oraclejavafx
2.0
oraclejavafx
2.0.2
oraclejavafx
2.0.3
oraclejavafx
2.1
oraclejavafx
2.2
oraclejavafx
2.2.3
oraclejavafx
2.2.4
oraclejavafx
2.2.5
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
icedtea-web
hardy
dne
lucid
not-affected
oneiric
not-affected
precise
not-affected
quantal
not-affected
openjdk-6
hardy
ignored
lucid
not-affected
oneiric
not-affected
precise
not-affected
quantal
not-affected
openjdk-6b18
hardy
dne
lucid
ignored
oneiric
ignored
precise
dne
quantal
dne
openjdk-7
hardy
dne
lucid
dne
oneiric
not-affected
precise
not-affected
quantal
not-affected
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.6.0-sun
RHEL 6
1:1.6.0.45-1jpp.1.el6
fixed
java-1.6.0-sun-demo
RHEL 6
1:1.6.0.45-1jpp.1.el6
fixed
java-1.6.0-sun-devel
RHEL 6
1:1.6.0.45-1jpp.1.el6
fixed
java-1.6.0-sun-jdbc
RHEL 6
1:1.6.0.45-1jpp.1.el6
fixed
java-1.6.0-sun-plugin
RHEL 6
1:1.6.0.45-1jpp.1.el6
fixed
java-1.6.0-sun-src
RHEL 6
1:1.6.0.45-1jpp.1.el6
fixed
java-1.7.0-oracle
RHEL 6
1:1.7.0.21-1jpp.1.el6
fixed
java-1.7.0-oracle-devel
RHEL 6
1:1.7.0.21-1jpp.1.el6
fixed
java-1.7.0-oracle-javafx
RHEL 6
1:1.7.0.21-1jpp.1.el6
fixed
java-1.7.0-oracle-jdbc
RHEL 6
1:1.7.0.21-1jpp.1.el6
fixed
java-1.7.0-oracle-plugin
RHEL 6
1:1.7.0.21-1jpp.1.el6
fixed
java-1.7.0-oracle-src
RHEL 6
1:1.7.0.21-1jpp.1.el6
fixed
References
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
http://marc.info/?l=bugtraq&m=137283787217316&w=2
http://rhn.redhat.com/errata/RHSA-2013-0757.html
http://rhn.redhat.com/errata/RHSA-2013-0758.html
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
http://www.securityfocus.com/bid/59178
http://www.us-cert.gov/ncas/alerts/TA13-107A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19473
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19541
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
http://marc.info/?l=bugtraq&m=137283787217316&w=2
http://rhn.redhat.com/errata/RHSA-2013-0757.html
http://rhn.redhat.com/errata/RHSA-2013-0758.html
http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
http://www.securityfocus.com/bid/59178
http://www.us-cert.gov/ncas/alerts/TA13-107A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19473
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19541