Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00452.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Oracle
  • Jdk
  • Jre
Redhat
  • Enterprise Linux
  • Network Satellite
  • Rhel Extras
Sun
  • Jdk
  • Jre

Configuration 1 [-]

OR cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*

Configuration 5 [-]

OR cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*

Configuration 7 [-]

OR cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.4.2_38:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_1:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_3:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_4:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_5:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_6:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_7:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_8:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_9:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_17:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_18:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_19:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_20:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_21:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_22:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_23:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_24:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_25:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_26:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_27:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_28:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_29:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_30:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_31:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_32:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_33:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_34:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_35:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_36:*:*:*:*:*:*:*
cpe:2.3:a:sun:jre:1.4.2_37:*:*:*:*:*:*:*

Configuration 8 [-]

OR cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.4.2_38:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_1:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_2:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_3:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_4:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_5:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_6:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_7:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_8:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_9:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_10:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_11:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_12:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_13:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_14:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_15:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_16:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_17:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_18:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_19:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_22:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_23:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_25:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_26:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_27:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_28:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_29:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_30:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_31:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_32:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_33:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_34:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_35:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_36:*:*:*:*:*:*:*
cpe:2.3:a:sun:jdk:1.4.2_37:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 5
java-1.6.0-openjdk-1:1.6.0.0-1.33.1.11.6.el5_9 cpe:/o:redhat:enterprise_linux:5 RHSA-2013:0246 2013-02-08T00:00:00Z
java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el5_9 cpe:/o:redhat:enterprise_linux:5 RHSA-2013:0247 2013-02-08T00:00:00Z
Red Hat Enterprise Linux 6
java-1.6.0-openjdk-1:1.6.0.0-1.54.1.11.6.el6_3 cpe:/o:redhat:enterprise_linux:6 RHSA-2013:0245 2013-02-08T00:00:00Z
java-1.7.0-openjdk-1:1.7.0.9-2.3.5.3.el6_3 cpe:/o:redhat:enterprise_linux:6 RHSA-2013:0247 2013-02-08T00:00:00Z
Red Hat Network Satellite Server v 5.4
java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4 cpe:/a:redhat:network_satellite:5.4::el5 RHSA-2013:1455 2013-10-23T00:00:00Z
Red Hat Network Satellite Server v 5.5
java-1.6.0-ibm-1:1.6.0.14.0-1jpp.1.el6_4 cpe:/a:redhat:network_satellite:5.5::el5 RHSA-2013:1456 2013-10-23T00:00:00Z
Supplementary for Red Hat Enterprise Linux 5
java-1.6.0-sun-1:1.6.0.39-1jpp.4.el5_9 cpe:/a:redhat:rhel_extras:5 RHSA-2013:0236 2013-02-04T00:00:00Z
java-1.7.0-oracle-1:1.7.0.13-1jpp.1.el5_9 cpe:/a:redhat:rhel_extras:5 RHSA-2013:0237 2013-02-04T00:00:00Z
java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el5_9 cpe:/a:redhat:rhel_extras:5 RHSA-2013:0624 2013-03-11T00:00:00Z
java-1.6.0-ibm-1:1.6.0.13.0-1jpp.2.el5_9 cpe:/a:redhat:rhel_extras:5 RHSA-2013:0625 2013-03-11T00:00:00Z
java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el5_9 cpe:/a:redhat:rhel_extras:5 RHSA-2013:0626 2013-03-11T00:00:00Z
Supplementary for Red Hat Enterprise Linux 6
java-1.6.0-sun-1:1.6.0.39-1jpp.1.el6_3 cpe:/a:redhat:rhel_extras:6 RHSA-2013:0236 2013-02-04T00:00:00Z
java-1.7.0-oracle-1:1.7.0.13-1jpp.3.el6_3 cpe:/a:redhat:rhel_extras:6 RHSA-2013:0237 2013-02-04T00:00:00Z
java-1.5.0-ibm-1:1.5.0.16.0-1jpp.1.el6_4 cpe:/a:redhat:rhel_extras:6 RHSA-2013:0624 2013-03-11T00:00:00Z
java-1.6.0-ibm-1:1.6.0.13.0-1jpp.3.el6_4 cpe:/a:redhat:rhel_extras:6 RHSA-2013:0625 2013-03-11T00:00:00Z
java-1.7.0-ibm-1:1.7.0.4.0-1jpp.2.el6_4 cpe:/a:redhat:rhel_extras:6 RHSA-2013:0626 2013-03-11T00:00:00Z

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2013-0445 Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.2_40 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAXP. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to the public declaration of the loadPropertyFile method in the JAXP FuncSystemProperty class, which allows remote attackers to obtain sensitive information.
Ubuntu USN Ubuntu USN USN-1724-1 OpenJDK vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=907453 cve-icon cve-icon
http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS cve-icon cve-icon
http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jaxp/rev/91fcc41a0b4b cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00034.html cve-icon cve-icon
http://marc.info/?l=bugtraq&m=136439120408139&w=2 cve-icon cve-icon
http://marc.info/?l=bugtraq&m=136570436423916&w=2 cve-icon cve-icon
http://marc.info/?l=bugtraq&m=136733161405818&w=2 cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0236.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0237.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0245.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0246.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-0247.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-1455.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2013-1456.html cve-icon cve-icon
http://security.gentoo.org/glsa/glsa-201406-32.xml cve-icon cve-icon
http://www.kb.cert.org/vuls/id/858729 cve-icon cve-icon
http://www.mandriva.com/security/advisories?name=MDVSA-2013:095 cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html cve-icon cve-icon cve-icon
http://www.securityfocus.com/bid/57730 cve-icon cve-icon
http://www.us-cert.gov/cas/techalerts/TA13-032A.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2013-0434 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16528 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19272 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19430 cve-icon cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19505 cve-icon cve-icon
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2013-0434 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published:

Updated: 2024-08-06T14:25:10.232Z

Reserved: 2012-12-07T00:00:00

Link: CVE-2013-0434

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2013-02-02T00:55:01.927

Modified: 2025-04-11T00:51:21.963

Link: CVE-2013-0434

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-02-01T00:00:00Z

Links: CVE-2013-0434 - Bugzilla

cve-icon OpenCVE Enrichment

No data.