CVE-2013-2452 in Javaالمعلومات

الملخص

بحسب MITRE

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "network address handling in virtual machine identifiers" and the lack of "unique and unpredictable IDs" in the java.rmi.dgc.VMID class.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

حجز

05/03/2013

إفشاء

18/06/2013

الاعتدال

تمت الموافقة

إدخال

VDB-9221

CPE

جاهز

CWE

CWE-192 (مؤكد)

CVSS

5.0 (NVD)

EPSS

0.04326

KEV

لا

النشاطات

منخفض جدًا

القطاع

Finance, Telecommunication, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2013-2452
NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-2452
CVE Details	https://www.cvedetails.com/cve/CVE-2013-2452/

التالي ▸نظرة عامة ◂ السابق

Interested in the pricing of exploits?

See the underground prices here!