CVE-2013-2452

MEDIUM

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class.

ID	Name	Product	Family	Severity
89668	VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2013-0012) (remote check)	Nessus	Misc.	critical
79011	RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414)	Nessus	Red Hat Local Security Checks	critical
78976	RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1456) (ROBOT)	Nessus	Red Hat Local Security Checks	critical
78975	RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2013:1455) (BEAST) (ROBOT)	Nessus	Red Hat Local Security Checks	critical
76303	GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)	Nessus	Gentoo Local Security Checks	critical
75101	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2013:1288-1)	Nessus	SuSE Local Security Checks	critical
72139	GLSA-201401-30 : Oracle JRE/JDK: Multiple vulnerabilities (ROBOT)	Nessus	Gentoo Local Security Checks	critical
71861	IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (credentialed check)	Nessus	Windows	critical
71859	IBM Domino 9.x < 9.0.1 Multiple Vulnerabilities (uncredentialed check)	Nessus	Misc.	critical
70744	IBM Notes 8.5.x < 8.5.3 FP5 Multiple Vulnerabilities	Nessus	Windows	critical
70743	IBM Domino 8.5.x < 8.5.3 FP5 Multiple Vulnerabilities	Nessus	Windows	critical
70742	IBM Domino 8.5.x < 8.5.3 FP 5 Multiple Vulnerabilities	Nessus	Misc.	critical
70612	VMware Security Updates for vCenter Server (VMSA-2013-0012)	Nessus	Misc.	critical
69765	Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-207)	Nessus	Amazon Linux Local Security Checks	critical
69762	Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2013-204)	Nessus	Amazon Linux Local Security Checks	critical
69093	SuSE 10 Security Update : java-1_5_0-ibm (ZYPP Patch Number 8653)	Nessus	SuSE Local Security Checks	critical
69092	SuSE 10 Security Update : java-1_4_2-ibm (ZYPP Patch Number 8652)	Nessus	SuSE Local Security Checks	critical
69090	SuSE 11.2 Security Update : java-1_4_2-ibm (SAT Patch Number 8109)	Nessus	SuSE Local Security Checks	critical
69084	Debian DSA-2727-1 : openjdk-6 - several vulnerabilities	Nessus	Debian Local Security Checks	critical
69072	SuSE 10 Security Update : java-1_6_0-ibm (ZYPP Patch Number 8657)	Nessus	SuSE Local Security Checks	critical
69071	SuSE 11.3 Security Update : java-1_7_0-openjdk (SAT Patch Number 8090)	Nessus	SuSE Local Security Checks	critical
69070	SuSE 11.2 / 11.3 Security Update : java-1_7_0-ibm (SAT Patch Numbers 8106 / 8108)	Nessus	SuSE Local Security Checks	critical
69069	SuSE 11.2 / 11.3 Security Update : java-1_6_0-ibm (SAT Patch Numbers 8105 / 8107)	Nessus	SuSE Local Security Checks	critical
69031	Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-1908-1)	Nessus	Ubuntu Local Security Checks	critical
69029	SuSE 11.2 Security Update : java-1_6_0-openjdk (SAT Patch Number 8084)	Nessus	SuSE Local Security Checks	critical
68926	Ubuntu 12.04 LTS / 12.10 / 13.04 : icedtea-web update (USN-1907-2)	Nessus	Ubuntu Local Security Checks	critical
68925	Ubuntu 12.10 / 13.04 : openjdk-7 vulnerabilities (USN-1907-1)	Nessus	Ubuntu Local Security Checks	critical
68922	RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2013:1081)	Nessus	Red Hat Local Security Checks	critical
68901	RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2013:1060)	Nessus	Red Hat Local Security Checks	critical
68900	RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2013:1059)	Nessus	Red Hat Local Security Checks	critical
68889	Debian DSA-2722-1 : openjdk-7 - several vulnerabilities	Nessus	Debian Local Security Checks	critical
68842	Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2013-1014)	Nessus	Oracle Linux Local Security Checks	critical
68837	Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2013-0958)	Nessus	Oracle Linux Local Security Checks	critical
68836	Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2013-0957)	Nessus	Oracle Linux Local Security Checks	critical
67185	Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20130703)	Nessus	Scientific Linux Local Security Checks	critical
67184	RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2013:1014)	Nessus	Red Hat Local Security Checks	critical
67183	CentOS 5 / 6 : java-1.6.0-openjdk (CESA-2013:1014)	Nessus	CentOS Local Security Checks	critical
67012	Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2013:183)	Nessus	Mandriva Local Security Checks	critical
66951	Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20130620)	Nessus	Scientific Linux Local Security Checks	critical
66950	Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20130620)	Nessus	Scientific Linux Local Security Checks	critical
66948	RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2013:0963)	Nessus	Red Hat Local Security Checks	critical
66947	CentOS 5 : java-1.7.0-openjdk (CESA-2013:0958)	Nessus	CentOS Local Security Checks	critical
66946	CentOS 6 : java-1.7.0-openjdk (CESA-2013:0957)	Nessus	CentOS Local Security Checks	critical
66943	Oracle Java SE Multiple Vulnerabilities (June 2013 CPU) (Unix)	Nessus	Misc.	critical
66940	RHEL 5 : java-1.7.0-openjdk (RHSA-2013:0958)	Nessus	Red Hat Local Security Checks	critical
66939	RHEL 6 : java-1.7.0-openjdk (RHSA-2013:0957)	Nessus	Red Hat Local Security Checks	critical
6877	Oracle Java SE Multiple Vulnerabilities (June 2013 CPU Update)	Nessus Network Monitor	Web Clients	critical
66932	Oracle Java SE Multiple Vulnerabilities (June 2013 CPU)	Nessus	Windows	critical
66929	Mac OS X : Java for Mac OS X 10.6 Update 16	Nessus	MacOS X Local Security Checks	critical
66928	Mac OS X : Java for OS X 2013-004	Nessus	MacOS X Local Security Checks	critical

CVE-2013-2452

MEDIUM

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Configuration 4

Configuration 5

Configuration 6

Tenable Plugins

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical