CVE-2013-2448: CVE-2013-2448

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2013-2448

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Sound. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to insufficient "access restrictions" and "robustness of sound classes."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Oracle Java SE JRE组件未明安全漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Oracle Java SE是美国甲骨文（Oracle）公司的一套标准版Java平台，用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。JRE组件是Java的运行时环境。 Oracle Java SE 7 Update 21及之前的版本，6 Update 45及之前的版本，5.0 Update 45及之前的版本中的Java Runtime Environment (JRE)组件中存在漏洞。远程攻击者可通过与Sound相关的向量利用该漏洞影响保密性，完整性及可用性。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2013-2448

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2013-2448

Please Login to view more intelligence information

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=975125x_refsource_CONFIRM
🔗 http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/91ce9432f88dx_refsource_MISC
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21642336x_refsource_CONFIRM
🔗 http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.htmlx_refsource_CONFIRM
🔗 http://advisories.mageia.org/MGASA-2013-0185.htmlx_refsource_CONFIRM
🔗 http://www.securityfocus.com/bid/60640vdb-entryx_refsource_BID
🔗 http://secunia.com/advisories/54154third-party-advisoryx_refsource_SECUNIA
🔗 http://www.us-cert.gov/ncas/alerts/TA13-169Athird-party-advisoryx_refsource_CERT
🔗 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880vendor-advisoryx_refsource_HP
🔗 '[security bulletin] HPSBUX02908 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure' - MARC Read full article vendor-advisoryx_refsource_HP
🔗 http://marc.info/?l=bugtraq&m=137545505800971&w=2vendor-advisoryx_refsource_HP
🔗 http://rhn.redhat.com/errata/RHSA-2013-1060.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2013-1455.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2013-1456.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2013-1059.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://rhn.redhat.com/errata/RHSA-2013-0963.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://security.gentoo.org/glsa/glsa-201406-32.xmlvendor-advisoryx_refsource_GENTOO
🔗 http://rhn.redhat.com/errata/RHSA-2013-1081.htmlvendor-advisoryx_refsource_REDHAT
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.htmlvendor-advisoryx_refsource_SUSE
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.htmlvendor-advisoryx_refsource_SUSE
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.htmlvendor-advisoryx_refsource_SUSE
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.htmlvendor-advisoryx_refsource_SUSE
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.htmlvendor-advisoryx_refsource_SUSE
🔗 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.htmlvendor-advisoryx_refsource_SUSE
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19669vdb-entrysignaturex_refsource_OVAL
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17052vdb-entrysignaturex_refsource_OVAL
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19632vdb-entrysignaturex_refsource_OVAL
🔗 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19692vdb-entrysignaturex_refsource_OVAL
https://nvd.nist.gov/vuln/detail/CVE-2013-2448

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2013-2448

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2013-2448

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2013-2448

III. Intelligence Information for CVE-2013-2448

IV. Related Vulnerabilities

V. Comments for CVE-2013-2448

Leave a comment