CVE-2013-1493

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.

References

http://blog.fireeye.com/research/2013/02/yaj0-yet-another-java-zero-day-2.html

http://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04117626-1

http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00011.html

http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html

http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-March/022145.html

http://marc.info/?l=bugtraq&m=136439120408139&w=2

http://marc.info/?l=bugtraq&m=136570436423916&w=2

http://rhn.redhat.com/errata/RHSA-2013-0601.html

http://rhn.redhat.com/errata/RHSA-2013-0603.html

http://rhn.redhat.com/errata/RHSA-2013-0604.html

http://rhn.redhat.com/errata/RHSA-2013-1455.html

http://rhn.redhat.com/errata/RHSA-2013-1456.html

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://www.exploit-db.com/exploits/24904

http://www.kb.cert.org/vuls/id/688246

http://www.mandriva.com/security/advisories?name=MDVSA-2013:095

http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/1915099.xml

http://www.oracle.com/technetwork/topics/security/alert-cve-2013-1493-1915081.html

http://www.securityfocus.com/bid/58238

http://www.securitytracker.com/id/1029803

http://www.symantec.com/connect/blogs/latest-java-zero-day-shares-connections-bit9-security-incident

http://www.ubuntu.com/usn/USN-1755-2

http://www.us-cert.gov/ncas/alerts/TA13-064A

https://bugzilla.redhat.com/show_bug.cgi?id=917553

https://krebsonsecurity.com/2013/03/new-java-0-day-attack-echoes-bit9-breach/

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19246

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19477

https://twitter.com/jduck1337/status/307629902574800897

https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0088

Details

Source: MITRE

Published: 2013-03-05

Updated: 2017-09-19

Type: CWE-119

Risk Information

CVSS v2

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:*:update15:*:*:*:*:*:* versions up to 1.7.0 (inclusive)

cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:oracle:jre:1.5.0:update_36:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.5.0:update_38:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:*:update_40:*:*:*:*:*:* versions up to 1.5.0 (inclusive)

cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:jdk:1.6.0:update_22:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_23:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_24:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_25:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_26:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_27:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_29:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_30:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_31:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_32:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_33:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_34:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_35:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_37:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_38:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_39:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:*:update_41:*:*:*:*:*:* versions up to 1.6.0 (inclusive)

cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:oracle:jre:1.6.0:update_22:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_23:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_24:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_25:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_26:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_27:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_29:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_30:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_31:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_32:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_33:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_34:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_35:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_37:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_38:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_39:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:*:update_41:*:*:*:*:*:* versions up to 1.6.0 (inclusive)

cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*

cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:a:oracle:jdk:1.5.0:update_36:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.5.0:update_38:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:*:update_40:*:*:*:*:*:* versions up to 1.5.0 (inclusive)

cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*

cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*

Configuration 6

OR

cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:*:update15:*:*:*:*:*:* versions up to 1.7.0 (inclusive)

cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*

Tenable Plugins

View all (53 total)

IDNameProductFamilySeverity
78976RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1456) (ROBOT)NessusRed Hat Local Security Checks
critical
78975RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1455) (BEAST) (ROBOT)NessusRed Hat Local Security Checks
critical
76303GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)NessusGentoo Local Security Checks
critical
74933openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2013:0509-1)NessusSuSE Local Security Checks
critical
74919openSUSE Security Update : java-1_6_0-openjdk (openSUSE-SU-2013:0430-1)NessusSuSE Local Security Checks
critical
72139GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT)NessusGentoo Local Security Checks
critical
71861IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (credentialed check)NessusWindows
critical
71859IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (uncredentialed check)NessusMisc.
critical
70744IBM Notes 8.5.x < 8.5.3 FP5 Multiple VulnerabilitiesNessusWindows
critical
70743IBM Domino 8.5.x < 8.5.3 FP5 Multiple VulnerabilitiesNessusWindows
critical
70742IBM Domino 8.5.x < 8.5.3 FP 5 Multiple VulnerabilitiesNessusMisc.
critical
69727Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-168)NessusAmazon Linux Local Security Checks
critical
69726Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-167)NessusAmazon Linux Local Security Checks
critical
68778Oracle Linux 6 : java-1.6.0-openjdk (ELSA-2013-0605)NessusOracle Linux Local Security Checks
critical
68777Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2013-0604)NessusOracle Linux Local Security Checks
critical
68776Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2013-0603)NessusOracle Linux Local Security Checks
critical
68775Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2013-0602)NessusOracle Linux Local Security Checks
critical
66198SuSE 10 Security Update : java-1_6_0-ibm (ZYPP Patch Number 8544)NessusSuSE Local Security Checks
critical
66197SuSE 10 Security Update : IBM Java (ZYPP Patch Number 8542)NessusSuSE Local Security Checks
critical
66196SuSE 10 Security Update : IBM Java (ZYPP Patch Number 8543)NessusSuSE Local Security Checks
critical
66194SuSE 11.2 Security Update : IBM Java (SAT Patch Number 7627)NessusSuSE Local Security Checks
critical
66193SuSE 11.2 Security Update : IBM Java (SAT Patch Number 7618)NessusSuSE Local Security Checks
critical
66107Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2013:095)NessusMandriva Local Security Checks
critical
66031SuSE 11.2 Security Update : java-1_7_0-ibm (SAT Patch Number 7623)NessusSuSE Local Security Checks
critical
65245SuSE 11.2 Security Update : Java (SAT Patch Number 7457)NessusSuSE Local Security Checks
critical
65204RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2013:0626)NessusRed Hat Local Security Checks
critical
65203RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2013:0625)NessusRed Hat Local Security Checks
critical
65202RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2013:0624)NessusRed Hat Local Security Checks
critical
65163CentOS 6 : java-1.6.0-openjdk (CESA-2013:0605)NessusCentOS Local Security Checks
critical
65162CentOS 6 : java-1.7.0-openjdk (CESA-2013:0602)NessusCentOS Local Security Checks
critical
65095Ubuntu 12.10 : openjdk-7 vulnerabilities (USN-1755-2)NessusUbuntu Local Security Checks
critical
65089Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20130306)NessusScientific Linux Local Security Checks
critical
65088Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20130306)NessusScientific Linux Local Security Checks
critical
65087Scientific Linux Security Update : java-1.6.0-openjdk on SL6.x i386/x86_64 (20130306)NessusScientific Linux Local Security Checks
critical
65086Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x i386/x86_64 (20130306)NessusScientific Linux Local Security Checks
critical
65079CentOS 5 : java-1.7.0-openjdk (CESA-2013:0603)NessusCentOS Local Security Checks
critical
65075RHEL 6 : java-1.6.0-openjdk (RHSA-2013:0605)NessusRed Hat Local Security Checks
critical
65074RHEL 5 : java-1.6.0-openjdk (RHSA-2013:0604)NessusRed Hat Local Security Checks
critical
65073RHEL 5 : java-1.7.0-openjdk (RHSA-2013:0603)NessusRed Hat Local Security Checks
critical
65072RHEL 6 : java-1.7.0-openjdk (RHSA-2013:0602)NessusRed Hat Local Security Checks
critical
65071RHEL 5 / 6 : java-1.6.0-sun (RHSA-2013:0601)NessusRed Hat Local Security Checks
critical
65070RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2013:0600)NessusRed Hat Local Security Checks
critical
65064CentOS 5 : java-1.6.0-openjdk (CESA-2013:0604)NessusCentOS Local Security Checks
critical
65053Oracle Java JDK / JRE 7 < Update 17 Remote Code Execution (Unix)NessusMisc.
critical
65052Oracle Java JDK / JRE 7 < Update 17 Remote Code Execution (Windows)NessusWindows
critical
65051Oracle Java JDK / JRE 6 < Update 43 Remote Code Execution (Unix)NessusMisc.
critical
65050Oracle Java JDK / JRE 6 < Update 43 Remote Code Execution (Windows)NessusWindows
critical
65049Oracle Java JDK / JRE 5 < Update 41 Remote Code Execution (Unix)NessusMisc.
critical
65048Oracle Java JDK / JRE 5 < Update 41 Remote Code Execution (Windows)NessusWindows
critical
65045Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : openjdk-6 vulnerabilities (USN-1755-1)NessusUbuntu Local Security Checks
critical
65028Mac OS X : Java for OS X 2013-002NessusMacOS X Local Security Checks
critical
65027Mac OS X : Java for Mac OS X 10.6 Update 14NessusMacOS X Local Security Checks
critical
6711Oracle Java JDK / JRE 7 < Update 17 Remote Code ExecutionNessus Network MonitorWeb Clients
high