CVE-2013-2465

Tags: Critical · KEV · Ransomware

Java storeImageArray() Invalid Array Indexing Vulnerability

Title source: metasploit

Exploitation Summary

CVE-2013-2465 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 28, 2022, with confirmed use in ransomware campaigns. EIP tracks 2 public exploits from researchers including Metasploit, Unknown, sinn3r and juan vazquez, among them the Metasploit module exploits/multi/browser/java_storeimagearray.

AI-analyzed exploit summary: This Metasploit module exploits CVE-2013-2465, an invalid array indexing vulnerability in Java's storeImageArray() function, to achieve remote code execution by escaping the Java Sandbox. It targets Java 7u21 and earlier, delivering a malicious JAR file via an HTML page with an embedded applet.

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.

Exploits (2)

exploitdb · Working PoC · Verified
by Metasploit · tags: ruby, remote, multiple
https://www.exploit-db.com/exploits/27705

This Metasploit module exploits CVE-2013-2465, an invalid array indexing vulnerability in Java's storeImageArray() function, to achieve remote code execution by escaping the Java Sandbox. It targets Java 7u21 and earlier, delivering a malicious JAR file via an HTML page with an embedded applet.

Classification: Working PoC (100%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Java Runtime Environment (JRE) 7u21 and earlier
Authentication: none needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · Java applet must be executed in the victim's browser
Analyzed by devstral-2 on Feb 18, 2026

metasploit · Working PoC · Great
by Unknown, sinn3r, juan vazquez · tags: ruby, poc, java
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/browser/java_storeimagearray.rb

This Metasploit module exploits CVE-2013-2465, an invalid array indexing vulnerability in Java's storeImageArray() function, to achieve remote code execution by escaping the Java Sandbox. It targets Java 7u21 and earlier, delivering a malicious JAR file via an HTML page with an embedded applet.

Classification: Working PoC (100%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Java Runtime Environment (JRE) 7u21 and earlier
Authentication: none needed
Prerequisites: Victim must visit a malicious webpage hosting the exploit · Java 7u21 or earlier must be installed and enabled in the browser
Analyzed by devstral-2 on Feb 16, 2026

References (34)

Core References (34)
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2014:0414
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201406-32.xml
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/60657
Not Applicable third-party-advisory x_refsource_secunia
http://secunia.com/advisories/54154
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1455.html
Third Party Advisory, US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/ncas/alerts/TA13-169A
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=975118
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1456.html
Not Applicable vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
Third Party Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21642336
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1060.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=137545592101387&w=2
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=137545505800971&w=2
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1059.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-1081.html
Broken Link x_refsource_confirm
http://advisories.mageia.org/MGASA-2013-0185.html
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0963.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html

Scores

CVSS v3: 9.8
EPSS: 0.9322
EPSS Percentile: 99.8%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Source: Vulnrichment
Exploitation: active
Automatable: yes
Technical Impact: total

Details

CISA KEV: 2022-03-28
VulnCheck KEV: 2014-03-13
InTheWild.io: 2022-03-28
ENISA EUVD: EUVD-2013-2411
Ransomware Use: Confirmed
CWE: CWE-693
Status: published
Products (4):
oracle/jre 1.7.0 (15 CPE variants)
oracle/jre 1.6.0 (20 CPE variants)
oracle/jre 1.5.0 (7 CPE variants)
sun/jre 1.6.0 update_1 (8 CPE variants)
Published: Jun 18, 2013
KEV Added: Mar 28, 2022
Tracked Since: Feb 18, 2026