CVE-2013-5800

Severity

43%

Complexity

86%

Confidentiality

48%

Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html 'Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.'

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to JGSS.

Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html 'Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.'

CVSS 2.0 Base Score 4.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N).

Overview

Type

Oracle

First reported 11 years ago

2013-10-16 17:55:00

Last updated 7 years ago

2017-09-19 01:36:00

Affected Software

Oracle JDK 1.7.0

1.7.0

Oracle JDK 1.7.0 update1

1.7.0

Oracle JDK 1.7.0 Update 10

1.7.0

Oracle JDK 1.7.0 Update 11

1.7.0

Oracle JDK 1.7.0 Update 13

1.7.0

Oracle JDK 1.7.0 Update 15

1.7.0

Oracle JDK 1.7.0 Update 17

1.7.0

Oracle JDK 1.7.0 update2

1.7.0

Oracle JDK 1.7.0 Update 21

1.7.0

Oracle JDK 1.7.0 Update 25

1.7.0

Oracle JDK 1.7.0 update3

1.7.0

Oracle JDK 1.7.0 Update 4

1.7.0

Oracle JDK 1.7.0 Update 5

1.7.0

Oracle JDK 1.7.0 Update 6

1.7.0

Oracle JDK 1.7.0 Update 7

1.7.0

Oracle JDK 1.7.0 Update 9

1.7.0

Oracle JRE 1.7.0

1.7.0

Oracle JRE 1.7.0 update1

1.7.0

Oracle JRE 1.7.0 Update 10

1.7.0

Oracle JRE 1.7.0 Update 11

1.7.0

Oracle JRE 1.7.0 Update 13

1.7.0

Oracle JRE 1.7.0 Update 15

1.7.0

Oracle JRE 1.7.0 Update 17

1.7.0

Oracle JRE 1.7.0 update2

1.7.0

Oracle JRE 1.7.0 Update 21

1.7.0

Oracle JRE 1.7.0 Update 25

1.7.0

Oracle JRE 1.7.0 update3

1.7.0

Oracle JRE 1.7.0 Update 4

1.7.0

Oracle JRE 1.7.0 Update 5

1.7.0

Oracle JRE 1.7.0 Update 6

1.7.0

Oracle JRE 1.7.0 Update 7

1.7.0

Oracle JRE 1.7.0 Update 9

1.7.0

References

SUSE-SU-2013:1666

SUSE-SU-2013:1677

openSUSE-SU-2013:1663

RHSA-2013:1440

RHSA-2013:1447

RHSA-2013:1451

RHSA-2013:1507

56338

GLSA-201406-32

http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html

Vendor Advisory

USN-2089-1

http://www-01.ibm.com/support/docview.wss?uid=swg21655201

oval:org.mitre.oval:def:19093

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.