[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2013-1488":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":62,"aliases":97,"duplicate_of":9,"upstream":98,"downstream":99,"duplicates":112,"related":113,"reserved_at":9,"published_at":115,"modified_at":116,"state":117,"summary":118,"references_raw":126,"kevs":232,"epss":233,"epss_history":236,"metrics":450,"affected":453},"CVE-2013-1488","The Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to execute arbitrary code via unspecified vectors involving reflection, Libraries, \"improper toString calls,\" and the JDBC driver manager, as demonstrated by James Forshaw during a Pwn2Own competition at CanSecWest 2013.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-94","Improper Control of Generation of Code ('Code Injection')","The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.","weakness","Draft","Base","Medium",[20,24,58],{"id":21,"name":22,"techniques":23},"CAPEC-242","Code Injection",[],{"id":25,"name":26,"techniques":27},"CAPEC-35","Leverage Executable Code in Non-Executable Files",[28,39,46],{"id":29,"name":30,"tactics":31,"countermeasures":38},"T1027.006","HTML Smuggling",[32,35],{"id":33,"name":34},"TA0030","Defense Evasion",{"id":36,"name":37},"TA0005","Stealth",[],{"id":40,"name":41,"tactics":42,"countermeasures":45},"T1027.009","Embedded Payloads",[43,44],{"id":33,"name":34},{"id":36,"name":37},[],{"id":47,"name":48,"tactics":49,"countermeasures":52},"T1564.009","Resource Forking",[50,51],{"id":33,"name":34},{"id":36,"name":37},[53],{"id":54,"name":55,"tactic":56},"D3-FFV","File Format Verification",{"name":57},"Isolate",{"id":59,"name":60,"techniques":61},"CAPEC-77","Manipulating User-Controlled Variables",[],[63,78],{"_key":64,"name":65,"source":66,"url":67,"maturity":68,"reliability_score":69,"verified":70,"type":71,"platforms":72,"requires_auth":9,"exploitdb":74,"metasploit":9},"26135","Java Applet - Driver Manager Privileged 'toString()' Remote Code Execution (Metasploit)","exploit-database","https://www.exploit-db.com/exploits/26135","weaponized",0.8,true,"remote",[73],"multiple",{"verified":70,"type":71,"platform":73,"file":75,"codes":76},"exploits/multiple/remote/26135.rb",[7,77],"OSVDB-91472",{"_key":79,"name":80,"source":81,"url":82,"maturity":68,"reliability_score":83,"verified":70,"type":71,"platforms":84,"requires_auth":85,"exploitdb":9,"metasploit":86},"MSF_EXPLOIT_MULTI_BROWSER_JAVA_JRE17_DRIVER_MANAGER","Java Applet Driver Manager Privileged toString() Remote Code Execution","metasploit","https://github.com/rapid7/metasploit-framework/blob/master/modules/exploit/multi/browser/java_jre17_driver_manager.rb",1,[],false,{"fullname":87,"rank":88,"rank_name":89,"post_auth":85,"check":85,"notes":90},"exploit/multi/browser/java_jre17_driver_manager",600,"excellent",{"Stability":91,"SideEffects":93,"Reliability":95},[92],"unknown-stability",[94],"unknown-side-effects",[96],"unknown-reliability",[],[],[100,102,104,106,108,110],{"_key":101},"RHSA-2013:0770",{"_key":103},"OPENSUSE-SU-2024:10534-1",{"_key":105},"RHSA-2013:0751",{"_key":107},"RHSA-2013:0752",{"_key":109},"RHSA-2013:0757",{"_key":111},"RHSA-2013:0822",[],[114],{"_key":103},"2013-03-08T18:00:00.000Z","2024-08-06T15:04:48.817Z","Modified",{"cisa_kev":85,"cisa_ransomware":85,"cisa_vendor":9,"epss_severity":119,"epss_score":120,"severity":121,"severity_score":122,"severity_version":123,"severity_source":124,"severity_vector":125,"severity_status":117},"critical",0.86252,"high",10,"v2.0","nvd","AV:N/AC:L/Au:N/C:C/I:C/A:C",[127,135,141,146,152,157,164,169,173,178,182,186,191,195,199,203,207,212,216,220,224,228],{"url":128,"sources":129,"tags":131},"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16511",[130,124],"cve.org",[132,133,134],"VDB Entry","Signature","X Refsource OVAL",{"url":136,"sources":137,"tags":138},"http://security.gentoo.org/glsa/glsa-201406-32.xml",[130,124],[139,140],"Vendor Advisory","X Refsource GENTOO",{"url":142,"sources":143,"tags":144},"http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/a19614a3dabb",[130,124],[145],"X Refsource MISC",{"url":147,"sources":148,"tags":149},"http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html",[130,124],[150,151],"Mailing List","X Refsource MLIST",{"url":153,"sources":154,"tags":155},"http://www.mandriva.com/security/advisories?name=MDVSA-2013:145",[130,124],[139,156],"X Refsource MANDRIVA",{"url":158,"sources":159,"tags":160},"http://www.us-cert.gov/ncas/alerts/TA13-107A",[130,124],[161,162,163],"Third Party Advisory","X Refsource CERT","US Government Resource",{"url":165,"sources":166,"tags":167},"http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/",[130,124],[168],"X Refsource CONFIRM",{"url":170,"sources":171,"tags":172},"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130",[130,124],[168],{"url":174,"sources":175,"tags":176},"http://rhn.redhat.com/errata/RHSA-2013-0757.html",[130,124],[139,177],"X Refsource REDHAT",{"url":179,"sources":180,"tags":181},"https://twitter.com/thezdi/status/309425888188043264",[130,124],[145],{"url":183,"sources":184,"tags":185},"https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124",[130,124],[168],{"url":187,"sources":188,"tags":189},"http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html",[130,124],[139,190],"X Refsource SUSE",{"url":192,"sources":193,"tags":194},"http://www.mandriva.com/security/advisories?name=MDVSA-2013:161",[130,124],[139,156],{"url":196,"sources":197,"tags":198},"http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html",[130,124],[139,190],{"url":200,"sources":201,"tags":202},"http://www.zdnet.com/pwn2own-down-go-all-the-browsers-7000012283/",[130,124],[145],{"url":204,"sources":205,"tags":206},"http://rhn.redhat.com/errata/RHSA-2013-0752.html",[130,124],[139,177],{"url":208,"sources":209,"tags":210},"http://www.ubuntu.com/usn/USN-1806-1",[130,124],[139,211],"X Refsource UBUNTU",{"url":213,"sources":214,"tags":215},"http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html",[130,124],[139,190],{"url":217,"sources":218,"tags":219},"https://bugzilla.redhat.com/show_bug.cgi?id=920247",[130,124],[145],{"url":221,"sources":222,"tags":223},"http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html",[130,124],[168],{"url":225,"sources":226,"tags":227},"http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/",[130,124],[168],{"url":229,"sources":230,"tags":231},"http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2013/ba-p/5981157",[130,124],[145],[],{"date":234,"score":120,"percentile":235},"2026-06-04",0.99418,[237,241,244,246,248,251,253,255,257,259,261,263,265,267,269,272,274,277,279,281,283,285,288,290,292,294,298,301,304,307,309,311,313,315,318,321,324,326,328,330,332,334,336,339,342,344,346,348,351,353,356,358,360,362,365,368,370,372,375,378,381,383,385,387,389,391,393,395,397,401,404,406,408,410,413,416,418,420,422,424,426,428,430,432,434,436,438,440,444,447],{"date":238,"score":239,"percentile":240},"2025-11-04",0.86772,0.99381,{"date":242,"score":239,"percentile":243},"2025-11-05",0.99382,{"date":245,"score":239,"percentile":240},"2025-11-06",{"date":247,"score":239,"percentile":243},"2025-11-07",{"date":249,"score":239,"percentile":250},"2025-11-08",0.9938,{"date":252,"score":239,"percentile":250},"2025-11-09",{"date":254,"score":239,"percentile":250},"2025-11-10",{"date":256,"score":239,"percentile":240},"2025-11-11",{"date":258,"score":239,"percentile":240},"2025-11-12",{"date":260,"score":239,"percentile":243},"2025-11-13",{"date":262,"score":239,"percentile":240},"2025-11-14",{"date":264,"score":239,"percentile":240},"2025-11-15",{"date":266,"score":239,"percentile":240},"2025-11-16",{"date":268,"score":239,"percentile":240},"2025-11-17",{"date":270,"score":239,"percentile":271},"2025-11-18",0.99508,{"date":273,"score":239,"percentile":271},"2025-11-19",{"date":275,"score":239,"percentile":276},"2025-11-20",0.99507,{"date":278,"score":239,"percentile":240},"2025-11-21",{"date":280,"score":239,"percentile":240},"2025-11-22",{"date":282,"score":239,"percentile":243},"2025-11-23",{"date":284,"score":239,"percentile":240},"2025-11-24",{"date":286,"score":239,"percentile":287},"2025-11-25",0.99383,{"date":289,"score":239,"percentile":243},"2025-11-26",{"date":291,"score":239,"percentile":287},"2025-11-27",{"date":293,"score":239,"percentile":287},"2025-11-28",{"date":295,"score":296,"percentile":297},"2025-11-29",0.85092,0.99304,{"date":299,"score":296,"percentile":300},"2025-11-30",0.99303,{"date":302,"score":296,"percentile":303},"2025-12-01",0.99314,{"date":305,"score":296,"percentile":306},"2025-12-02",0.99315,{"date":308,"score":296,"percentile":306},"2025-12-03",{"date":310,"score":296,"percentile":300},"2025-12-04",{"date":312,"score":296,"percentile":297},"2025-12-05",{"date":314,"score":296,"percentile":297},"2025-12-06",{"date":316,"score":296,"percentile":317},"2025-12-07",0.99305,{"date":319,"score":296,"percentile":320},"2025-12-08",0.99306,{"date":322,"score":296,"percentile":323},"2025-12-09",0.99307,{"date":325,"score":296,"percentile":323},"2025-12-10",{"date":327,"score":296,"percentile":323},"2025-12-11",{"date":329,"score":296,"percentile":323},"2025-12-12",{"date":331,"score":296,"percentile":323},"2025-12-13",{"date":333,"score":296,"percentile":323},"2025-12-14",{"date":335,"score":296,"percentile":323},"2025-12-15",{"date":337,"score":296,"percentile":338},"2025-12-16",0.99309,{"date":340,"score":296,"percentile":341},"2025-12-17",0.9931,{"date":343,"score":296,"percentile":338},"2025-12-18",{"date":345,"score":296,"percentile":338},"2025-12-19",{"date":347,"score":296,"percentile":341},"2025-12-20",{"date":349,"score":296,"percentile":350},"2025-12-21",0.99311,{"date":352,"score":296,"percentile":350},"2025-12-22",{"date":354,"score":296,"percentile":355},"2025-12-23",0.99312,{"date":357,"score":296,"percentile":303},"2025-12-24",{"date":359,"score":296,"percentile":303},"2025-12-25",{"date":361,"score":296,"percentile":303},"2025-12-26",{"date":363,"score":296,"percentile":364},"2025-12-27",0.99318,{"date":366,"score":296,"percentile":367},"2025-12-28",0.99316,{"date":369,"score":296,"percentile":367},"2025-12-29",{"date":371,"score":296,"percentile":367},"2025-12-30",{"date":373,"score":296,"percentile":374},"2025-12-31",0.99317,{"date":376,"score":296,"percentile":377},"2026-01-01",0.99329,{"date":379,"score":296,"percentile":380},"2026-01-02",0.9933,{"date":382,"score":296,"percentile":380},"2026-01-03",{"date":384,"score":296,"percentile":364},"2026-01-04",{"date":386,"score":296,"percentile":364},"2026-01-05",{"date":388,"score":296,"percentile":364},"2026-01-06",{"date":390,"score":296,"percentile":374},"2026-01-07",{"date":392,"score":296,"percentile":374},"2026-01-08",{"date":394,"score":296,"percentile":364},"2026-01-09",{"date":396,"score":296,"percentile":364},"2026-01-10",{"date":398,"score":399,"percentile":400},"2026-01-11",0.85705,0.99344,{"date":402,"score":399,"percentile":403},"2026-01-12",0.99345,{"date":405,"score":399,"percentile":403},"2026-01-13",{"date":407,"score":399,"percentile":403},"2026-01-14",{"date":409,"score":399,"percentile":403},"2026-01-15",{"date":411,"score":399,"percentile":412},"2026-01-16",0.99346,{"date":414,"score":399,"percentile":415},"2026-01-17",0.99348,{"date":417,"score":399,"percentile":415},"2026-01-18",{"date":419,"score":120,"percentile":240},"2026-01-19",{"date":421,"score":120,"percentile":240},"2026-01-20",{"date":423,"score":120,"percentile":240},"2026-01-21",{"date":425,"score":120,"percentile":240},"2026-01-22",{"date":427,"score":120,"percentile":287},"2026-01-23",{"date":429,"score":120,"percentile":243},"2026-01-24",{"date":431,"score":120,"percentile":240},"2026-01-25",{"date":433,"score":120,"percentile":240},"2026-01-26",{"date":435,"score":120,"percentile":243},"2026-01-27",{"date":437,"score":120,"percentile":243},"2026-01-28",{"date":439,"score":120,"percentile":243},"2026-01-29",{"date":441,"score":442,"percentile":443},"2026-01-30",0.91588,0.99657,{"date":445,"score":442,"percentile":446},"2026-01-31",0.99658,{"date":448,"score":442,"percentile":449},"2026-02-01",0.99664,[451],{"source":124,"cvss_v2_0":452,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":122,"baseSeverity":9,"vectorString":125,"impactScore":122,"exploitabilityScore":122},[454,462],{"ecosystem":9,"name":455,"vendor":456,"product":455,"cpe_part":457,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":458},"jdk","oracle","a",[459],{"version":460,"is_range":85,"range_type":461,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.7.0:update17","cpe",{"ecosystem":9,"name":463,"vendor":456,"product":463,"cpe_part":457,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":464},"jre",[465],{"version":460,"is_range":85,"range_type":461,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]