CVE-2013-1571

Oracle Java SE <7.21,6<45,5<45 - Info Disclosure

Title source: llm

Description

Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.

References (38)

Core 38

Core References

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-1060.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-1455.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-1059.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-1081.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-0963.html

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2013-1456.html

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=137545592101387&w=2

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2014:0414

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201406-32.xml

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html

Patch x_refsource_confirm

https://bugzilla.redhat.com/show_bug.cgi?id=973474

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=137545505800971&w=2

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/54154

Vendor Advisory vendor-advisory x_refsource_hp

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17215

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19518

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html

Various Sources x_refsource_confirm

http://www-01.ibm.com/support/docview.wss?uid=swg21644197

US Government Resource third-party-advisory x_refsource_cert-vn

http://www.kb.cert.org/vuls/id/225657

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/60634

Exploit, Patch x_refsource_misc

http://hg.openjdk.java.net/jdk7u/jdk7u-dev/langtools/rev/17ee569d0c01

US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/ncas/alerts/TA13-169A

Third Party Advisory x_refsource_confirm

http://advisories.mageia.org/MGASA-2013-0185.html

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19667

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2013:183

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19718

Various Sources x_refsource_confirm

http://www-01.ibm.com/support/docview.wss?uid=swg21642336

Mailing List vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html

Mailing List mailing-list x_refsource_mlist

https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E

Mailing List mailing-list x_refsource_mlist

https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E

Mailing List mailing-list x_refsource_mlist

https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E

Mailing List mailing-list x_refsource_mlist

https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E

Mailing List mailing-list x_refsource_mlist

https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E

Mailing List mailing-list x_refsource_mlist

https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E

Mailing List mailing-list x_refsource_mlist

https://lists.apache.org/thread.html/re0504f08000df786e51795940501e81a5d0ae981ecca68141e87ece0%40%3Ccommits.openoffice.apache.org%3E

Scores

EPSS 0.2660

EPSS Percentile 96.4%

Details

Status published

Products (16)

oracle/javafx 2.0

oracle/javafx 2.0.2

oracle/javafx 2.0.3

oracle/javafx 2.1

oracle/javafx 2.2

oracle/javafx 2.2.3

oracle/javafx 2.2.4

oracle/javafx 2.2.5

oracle/javafx 2.2.7

oracle/javafx < 2.2.21

... and 6 more

Published Jun 18, 2013

Tracked Since Feb 18, 2026