{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-10-15T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-18T12:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "RHSA-2013:1440", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"}, {"name": "SUSE-SU-2013:1677", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"}, {"name": "oval:org.mitre.oval:def:18607", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18607"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"}, {"name": "RHSA-2013:1507", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"}, {"name": "56338", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56338"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2013-5788", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2013:1440", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"}, {"name": "SUSE-SU-2013:1677", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"}, {"name": "oval:org.mitre.oval:def:18607", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18607"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"}, {"name": "RHSA-2013:1507", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"}, {"name": "56338", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56338"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T17:22:30.628Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2013:1440", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"}, {"name": "SUSE-SU-2013:1677", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"}, {"name": "oval:org.mitre.oval:def:18607", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18607"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"}, {"name": "RHSA-2013:1507", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"}, {"name": "56338", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56338"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2013-5788", "datePublished": "2013-10-16T15:00:00", "dateReserved": "2013-09-18T00:00:00", "dateUpdated": "2024-08-06T17:22:30.628Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*", "matchCriteriaId": "8586C281-5388-4B7A-AB6B-52804472D9F5", "versionEndExcluding": "1.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*", "matchCriteriaId": "ACABC935-5DD6-4F85-992E-70AD517EF41D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*", "matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*", "matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*", "matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*", "matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*", "matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*", "matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*", "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*", "matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*", "matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*", "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*", "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*", "matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*", "matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*", "matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*", "matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*", "matchCriteriaId": "3BD83469-FDD0-499F-AA08-88D555BDB350", "versionEndExcluding": "1.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*", "matchCriteriaId": "DFAA351A-93CD-46A8-A480-CE2783CCD620", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*", "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*", "matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*", "matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*", "matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*", "matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*", "matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*", "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*", "matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*", "matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*", "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*", "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*", "matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*", "matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*", "matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*", "matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle Java SE 7u40 y anteriores y Java SE Embedded 7u40 y anteriores permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Deployment."}], "evaluatorComment": "Per: http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html\n\n\n\n\"Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.\"", "id": "CVE-2013-5788", "lastModified": "2024-04-01T15:50:29.317", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-10-16T15:55:34.587", "references": [{"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"}, {"source": "secalert_us@oracle.com", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/56338"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"}, {"source": "secalert_us@oracle.com", "tags": ["Broken Link"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18607"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2013:1440", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "java-1.7.0-oracle-1:1.7.0.45-1jpp.1.el5_10", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2013-10-17T00:00:00Z"}, {"advisory": "RHSA-2013:1507", "cpe": "cpe:/a:redhat:rhel_extras:5", "package": "java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el5_10", "product_name": "Supplementary for Red Hat Enterprise Linux 5", "release_date": "2013-11-07T00:00:00Z"}, {"advisory": "RHSA-2013:1440", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2013-10-17T00:00:00Z"}, {"advisory": "RHSA-2013:1507", "cpe": "cpe:/a:redhat:rhel_extras:6", "package": "java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4", "product_name": "Supplementary for Red Hat Enterprise Linux 6", "release_date": "2013-11-07T00:00:00Z"}], "bugzilla": {"description": "JDK: unspecified vulnerability fixed in 7u45 (Deployment)", "id": "1019692", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1019692"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."], "name": "CVE-2013-5788", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "java-1.5.0-ibm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "java-1.6.0-ibm", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "java-1.5.0-ibm", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "java-1.6.0-ibm", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2013-10-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-5788\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-5788\nhttp://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"], "threat_severity": "Critical"}