CVE-2013-5788

{"id": "CVE-2013-5788", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-10-16T15:55:34.587", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/56338", "tags": ["Not Applicable"], "source": "secalert_us@oracle.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18607", "tags": ["Broken Link"], "source": "secalert_us@oracle.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle Java SE 7u40 y anteriores y Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Deployment."}], "lastModified": "2024-04-01T15:50:29.317", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8586C281-5388-4B7A-AB6B-52804472D9F5", "versionEndExcluding": "1.7.0"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ACABC935-5DD6-4F85-992E-70AD517EF41D"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BD83469-FDD0-499F-AA08-88D555BDB350", "versionEndExcluding": "1.7.0"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DFAA351A-93CD-46A8-A480-CE2783CCD620"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF"}], "operator": "OR"}]}], "evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\n\n\n\n\"Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.\"", "sourceIdentifier": "secalert_us@oracle.com"}