CVE-2013-2407

Advisory lineage Upstream: 0 Downstream: 14
Modified
Published: 18 Jun 2013, 22:00
Last modified:06 Aug 2024, 15:36

Vulnerability Summary

Overall Risk (default)
medium
27/100
CVSS Score
6.4 MEDIUM
v2.0 (nvd)
EPSS Score
5.42% LOW
5% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

18 Jun 2013, 22:00
Published
Vulnerability first disclosed
06 Aug 2024, 15:36
Last Modified
Vulnerability information updated

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."

CVSS Metrics

  • v2.0MEDIUMScore: 6.4AV:N/AC:L/Au:N/C:P/I:N/A:P

EPSS Trends

Current EPSS score: 5.42% Percentile: 90%

Affected Systems

  • oraclejdk

    ≤ 1.7.0 | 1.7.0 | 1.7.0:update1 | 1.7.0:update10 | 1.7.0:update11 | 1.7.0:update13 | 1.7.0:update15 | 1.7.0:update17 | 1.7.0:update2 | 1.7.0:update3 | 1.7.0:update4 | 1.7.0:update5 | 1.7.0:update6 | 1.7.0:update7 | 1.7.0:update9 | ≤ 1.6.0 | 1.6.0:update22 | 1.6.0:update23 | 1.6.0:update24 | 1.6.0:update25 | 1.6.0:update26 | 1.6.0:update27 | 1.6.0:update29 | 1.6.0:update30 | 1.6.0:update31 | 1.6.0:update32 | 1.6.0:update33 | 1.6.0:update34 | 1.6.0:update35 | 1.6.0:update37 | 1.6.0:update38 | 1.6.0:update39 | 1.6.0:update41 | 1.6.0:update43

  • oraclejre

    ≤ 1.7.0 | 1.7.0 | 1.7.0:update1 | 1.7.0:update10 | 1.7.0:update11 | 1.7.0:update13 | 1.7.0:update15 | 1.7.0:update17 | 1.7.0:update2 | 1.7.0:update3 | 1.7.0:update4 | 1.7.0:update5 | 1.7.0:update6 | 1.7.0:update7 | 1.7.0:update9 | ≤ 1.6.0 | 1.6.0:update22 | 1.6.0:update23 | 1.6.0:update24 | 1.6.0:update25 | 1.6.0:update26 | 1.6.0:update27 | 1.6.0:update29 | 1.6.0:update30 | 1.6.0:update31 | 1.6.0:update32 | 1.6.0:update33 | 1.6.0:update34 | 1.6.0:update35 | 1.6.0:update37 | 1.6.0:update38 | 1.6.0:update39 | 1.6.0:update41 | 1.6.0:update43

  • sunjdk

    1.6.0 | 1.6.0:update_10 | 1.6.0:update_11 | 1.6.0:update_12 | 1.6.0:update_13 | 1.6.0:update_14 | 1.6.0:update_15 | 1.6.0:update_16 | 1.6.0:update_17 | 1.6.0:update_18 | 1.6.0:update_19 | 1.6.0:update_20 | 1.6.0:update_21 | 1.6.0:update_3 | 1.6.0:update_4 | 1.6.0:update_5 | 1.6.0:update_6 | 1.6.0:update_7 | 1.6.0:update1 | 1.6.0:update1_b06 | 1.6.0:update2

  • sunjre

    1.6.0 | 1.6.0:update_1 | 1.6.0:update_10 | 1.6.0:update_11 | 1.6.0:update_12 | 1.6.0:update_13 | 1.6.0:update_14 | 1.6.0:update_15 | 1.6.0:update_16 | 1.6.0:update_17 | 1.6.0:update_18 | 1.6.0:update_19 | 1.6.0:update_2 | 1.6.0:update_20 | 1.6.0:update_21 | 1.6.0:update_3 | 1.6.0:update_4 | 1.6.0:update_5 | 1.6.0:update_6 | 1.6.0:update_7 | 1.6.0:update_9

References (26)