Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, and 5.0 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect integrity via unknown vectors related to Networking. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to avoid triggering an exception during the deserialization of invalid InetSocketAddress data.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Oracle
  • Jdk
  • Jre
Redhat
  • Enterprise Linux
  • Network Satellite
  • Rhel Extras
Sun
  • Jdk
  • Jre

Configuration 1 [-]

OR cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*

Configuration 5 [-]

OR cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 5
java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9 cpe:/o:redhat:enterprise_linux:5 RHSA-2013:0246 2013-02-08T00:00:00Z
java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9 cpe:/o:redhat:enterprise_linux:5 RHSA-2013:0247 2013-02-08T00:00:00Z
Red Hat Enterprise Linux 6
java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3 cpe:/o:redhat:enterprise_linux:6 RHSA-2013:0245 2013-02-08T00:00:00Z
java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3 cpe:/o:redhat:enterprise_linux:6 RHSA-2013:0247 2013-02-08T00:00:00Z
Red Hat Network Satellite Server v 5.4
java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4 cpe:/a:redhat:network_satellite:5.4::el5 RHSA-2013:1455 2013-10-23T00:00:00Z
Red Hat Network Satellite Server v 5.5
java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4 cpe:/a:redhat:network_satellite:5.5::el5 RHSA-2013:1456 2013-10-23T00:00:00Z
Supplementary for Red Hat Enterprise Linux 5
java-1.6.0-sun-1:1.6.0.39-1jpp.4.el5_9 cpe:/a:redhat:rhel_extras:5 RHSA-2013:0236 2013-02-04T00:00:00Z
java-1.7.0-oracle-1:1.7.0.13-1jpp.1.el5_9 cpe:/a:redhat:rhel_extras:5 RHSA-2013:0237 2013-02-04T00:00:00Z
java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el5_9 cpe:/a:redhat:rhel_extras:5 RHSA-2013:0624 2013-03-11T00:00:00Z
java-1.6.0-ibm-1:1.6.0.13.0-1jpp.2.el5_9 cpe:/a:redhat:rhel_extras:5 RHSA-2013:0625 2013-03-11T00:00:00Z
java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el5_9 cpe:/a:redhat:rhel_extras:5 RHSA-2013:0626 2013-03-11T00:00:00Z
Supplementary for Red Hat Enterprise Linux 6
java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3 cpe:/a:redhat:rhel_extras:6 RHSA-2013:0236 2013-02-04T00:00:00Z
java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3 cpe:/a:redhat:rhel_extras:6 RHSA-2013:0237 2013-02-04T00:00:00Z
java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4 cpe:/a:redhat:rhel_extras:6 RHSA-2013:0624 2013-03-11T00:00:00Z
java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4 cpe:/a:redhat:rhel_extras:6 RHSA-2013:0625 2013-03-11T00:00:00Z
java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4 cpe:/a:redhat:rhel_extras:6 RHSA-2013:0626 2013-03-11T00:00:00Z
References
Link Providers
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS cve-icon cve-icon
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/ab011765c4e8 cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html cve-icon cve-icon
http://marc.info/?l=bugtraq&m=136439120408139&w=2 cve-icon cve-icon
http://marc.info/?l=bugtraq&m=136570436423916&w=2 cve-icon cve-icon
http://marc.info/?l=bugtraq&m=136733161405818&w=2 cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0236.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0237.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0245.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0246.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0247.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-1455.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-1456.html cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-201406-32.xml cve-icon cve-icon
http://www.kb.cert.org/vuls/id/858729 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2013:095 cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html cve-icon cve-icon cve-icon
http://www.securityfocus.com/bid/57719 cve-icon cve-icon
http://www.us-cert.gov/cas/techalerts/TA13-032A.html cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=907456 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2013-0433 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16537 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19405 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19459 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19468 cve-icon cve-icon
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2013-0433 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2013-02-02T00:00:00

Updated: 2024-08-06T14:25:10.337Z

Reserved: 2012-12-07T00:00:00

Link: CVE-2013-0433

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-02-02T00:55:01.880

Modified: 2024-11-21T01:47:32.493

Link: CVE-2013-0433

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-02-01T00:00:00Z

Links: CVE-2013-0433 - Bugzilla