Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2013-5782

Published: 16/10/2013 Updated: 13/05/2022
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Sun

Vulnerability Summary

Unspecified vulnerability in Oracle Java SE 7u40 and previous versions, Java SE 6u60 and previous versions, Java SE 5.0u51 and previous versions, JRockit R28.2.8 and previous versions, JRockit R27.7.6 and previous versions, and Java SE Embedded 7u40 and previous versions allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Vulnerable Product Search on Vulmon Subscribe to Product

sun jre 1.6.0

oracle jre 1.6.0

oracle jre

sun jdk 1.5.0

oracle jdk 1.5.0

oracle jdk

sun jdk 1.6.0

oracle jdk 1.6.0

sun jre 1.5.0

oracle jre 1.5.0

oracle jrockit

oracle jrockit r28.2.3

oracle jrockit r28.1.0

oracle jrockit r28.1.1

oracle jrockit r28.1.3

oracle jrockit r28.0.1

oracle jrockit r28.1.5

oracle jrockit r28.2.6

oracle jrockit r28.2.2

oracle jrockit r28.0.2

oracle jrockit r28.2.4

oracle jrockit r28.1.4

oracle jrockit r28.0.0

oracle jrockit r28.2.5

oracle jre 1.7.0

oracle jdk 1.7.0

oracle jrockit r27.7.2

oracle jrockit r27.7.3

oracle jrockit r27.7.1

oracle jrockit r27.7.4

oracle jrockit r27.7.5

Vendor Advisories

Ubuntu Security Notice: openjdk-7 vulnerabilities
Several security issues were fixed in OpenJDK 7 ...
Ubuntu Security Notice: openjdk-6 vulnerabilities
Several security issues were fixed in OpenJDK 6 ...
Red Hat: Important: java-1.6.0-openjdk security update
Synopsis Important: java-160-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-160-openjdk packages that fix various security issues arenow available for Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as havingimportant secur ...
Red Hat: Critical: java-1.6.0-ibm security update
Synopsis Critical: java-160-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalse ...
Red Hat: Low: Red Hat Network Satellite server IBM Java Runtime security update
Synopsis Low: Red Hat Network Satellite server IBM Java Runtime security update Type/Severity Security Advisory: Low Topic Updated java-160-ibm packages that fix several security issues are nowavailable for Red Hat Network Satellite Server 54, 55 and 56The Red Hat Security Response Team has rated this ...
Red Hat: Critical: java-1.7.0-oracle security update
Synopsis Critical: java-170-oracle security update Type/Severity Security Advisory: Critical Topic Updated java-170-oracle packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having crit ...
Red Hat: Critical: java-1.7.0-ibm security update
Synopsis Critical: java-170-ibm security update Type/Severity Security Advisory: Critical Topic Updated java-170-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalse ...
Red Hat: Important: java-1.5.0-ibm security update
Synopsis Important: java-150-ibm security update Type/Severity Security Advisory: Important Topic Updated java-150-ibm packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as havingimportant ...
Red Hat: Critical: java-1.7.0-openjdk security update
Synopsis Critical: java-170-openjdk security update Type/Severity Security Advisory: Critical Topic Updated java-170-openjdk packages that fix various security issues arenow available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having criticalsecurity impac ...
Red Hat: Important: java-1.7.0-openjdk security update
Synopsis Important: java-170-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-170-openjdk packages that fix various security issues arenow available for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as havingimportant security im ...
Amazon Linux AMI: ALAS-2013-246
Multiple input checking flaws were found in the 2D component native image parsing code A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine (CVE-2013-5782) The class loader did not properly check the pa ...
Amazon Linux AMI: ALAS-2013-235
Multiple input checking flaws were found in the 2D component native image parsing code A specially crafted image file could trigger a Java Virtual Machine memory corruption and, possibly, lead to arbitrary code execution with the privileges of the user running the Java Virtual Machine (CVE-2013-5782) The class loader did not properly check the pa ...
Red Hat: CVE-2013-5782
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 50u51 and earlier, JRockit R2828 and earlier, JRockit R2776 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D ...

Recent Articles

Oracle drops shedload of CRITICAL vuln-busting Java patches
The Register • John Leyden • 16 Oct 2013

Sysadmins, look away - Oracle's biz suites have more holes than a Swiss cheese

Oracle's autumn batch of quarterly updates included no fewer than 127 security fixes, including 51 for Java alone. The arrival of the Critical Patch Update (CPU) from Oracle means pretty much all of the enterprise server packages from the software giant need patching. Oracle Database Server, Oracle E-Business Suite, Oracle PeopleSoft Products, Oracle Siebel CRM, Oracle and Sun Systems Products Suite, Oracle Virtualization and Oracle MySQL all need security fixes for one reason or another. Many o...

Read more...

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1440.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1451.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1447.htmlhttp://support.apple.com/kb/HT5982http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.htmlhttp://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.htmlhttp://www-01.ibm.com/support/docview.wss?uid=swg21655201http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1019108http://rhn.redhat.com/errata/RHSA-2013-1507.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1505.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1508.htmlhttp://www.ubuntu.com/usn/USN-2033-1http://rhn.redhat.com/errata/RHSA-2013-1793.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1509.htmlhttp://marc.info/?l=bugtraq&m=138674073720143&w=2http://marc.info/?l=bugtraq&m=138674031212883&w=2http://secunia.com/advisories/56338http://www.ubuntu.com/usn/USN-2089-1http://security.gentoo.org/glsa/glsa-201406-32.xmlhttp://www.securityfocus.com/bid/63103https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18645https://access.redhat.com/errata/RHSA-2014:0414https://usn.ubuntu.com/2089-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2013-5782
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
race conditionCVE-2024-4249CVE-2024-4244CVE-2023-20198TCPCVE-2022-48648CVE-2022-48636CVE-2024-21345SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook