CVE-2013-0430

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process of the client.

References

http://marc.info/?l=bugtraq&m=136733161405818&w=2

http://rhn.redhat.com/errata/RHSA-2013-0236.html

http://rhn.redhat.com/errata/RHSA-2013-0237.html

http://www.kb.cert.org/vuls/id/858729

http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

http://www.securityfocus.com/bid/57722

http://www.us-cert.gov/cas/techalerts/TA13-032A.html

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16600

Details

Source: MITRE

Published: 2013-02-02

Updated: 2017-09-19

Risk Information

CVSS v2

Base Score: 6.9

Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.4

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:jre:1.6.0:update_22:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_23:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_24:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_25:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_26:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_27:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_29:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_30:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_31:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_32:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_33:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_34:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_35:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_37:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_38:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:oracle:jdk:1.6.0:update_22:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_23:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_24:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_25:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_26:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_27:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_29:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_30:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_31:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_32:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_33:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_34:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_35:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_37:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_38:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*

Tenable Plugins

View all (13 total)

IDNameProductFamilySeverity
72139GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT)NessusGentoo Local Security Checks
critical
71861IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (credentialed check)NessusWindows
critical
71859IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (uncredentialed check)NessusMisc.
critical
70744IBM Notes 8.5.x < 8.5.3 FP5 Multiple VulnerabilitiesNessusWindows
critical
70743IBM Domino 8.5.x < 8.5.3 FP5 Multiple VulnerabilitiesNessusWindows
critical
70742IBM Domino 8.5.x < 8.5.3 FP 5 Multiple VulnerabilitiesNessusMisc.
critical
64850Oracle Java SE Multiple Vulnerabilities (February 2013 CPU) (Unix)NessusMisc.
critical
64639Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : openjdk-6, openjdk-7 vulnerabilities (USN-1724-1)NessusUbuntu Local Security Checks
critical
64605Scientific Linux Security Update : jdk-1.6.0 on SL 5.0 - 5.8 (i386 x86_64) (20130205)NessusScientific Linux Local Security Checks
critical
64468RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2013:0237)NessusRed Hat Local Security Checks
critical
64467RHEL 5 / 6 : java-1.6.0-sun (RHSA-2013:0236)NessusRed Hat Local Security Checks
critical
64454Oracle Java SE Multiple Vulnerabilities (February 2013 CPU)NessusWindows
critical
6685Oracle Java SE 7 <= Update 11 Multiple Vulnerabilities (February 2013 CPU)Nessus Network MonitorWeb Clients
critical