Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2013-1571 | First vendor Publication | 2013-06-18 |
| Vendor | Cve | Last vendor Modification | 2024-11-21 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N) | |||
|---|---|---|---|
| Cvss Base Score | 4.3 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1571 |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:17215 | |||
| Oval ID: | oval:org.mitre.oval:def:17215 | ||
| Title: | Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, 5.0 Update 45 and earlier, and JavaFX 2.2.21 and earlier allows remote attackers to affect integrity via unknown vectors related to Javadoc. | ||
| Description: | Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-1571 | Version: | 8 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Java Runtime Environment JavaFX |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19518 | |||
| Oval ID: | oval:org.mitre.oval:def:19518 | ||
| Title: | HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | ||
| Description: | Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2013-1571 | Version: | 11 |
| Platform(s): | HP-UX 11 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2014-02-27 | IAVM : 2014-B-0019 - Multiple Vulnerabilities in Apache Tomcat Severity : Category I - VMSKEY : V0044527 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Oracle Javadoc generated frame replacement attempt RuleID : 26994 - Revision : 4 - Type : BROWSER-PLUGINS |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2016-03-04 | Name : The remote VMware ESX / ESXi host is missing a security-related patch. File : vmware_esx_VMSA-2013-0012_remote.nasl - Type : ACT_GATHER_INFO |
| 2015-01-19 | Name : The remote Solaris system is missing a security patch for third-party software. File : solaris11_tomcat_20140522.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2014-0414.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO |
| 2014-11-08 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO |
| 2014-06-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-32.nasl - Type : ACT_GATHER_INFO |
| 2014-06-13 | Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-622.nasl - Type : ACT_GATHER_INFO |
| 2014-06-06 | Name : The version of IBM Tivoli Directory Server is affected by a frame injection v... File : tivoli_directory_svr_63025.nasl - Type : ACT_GATHER_INFO |
| 2014-02-25 | Name : The remote Apache Tomcat server is affected by multiple vulnerabilities. File : tomcat_6_0_39.nasl - Type : ACT_GATHER_INFO |
| 2014-02-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2014-042.nasl - Type : ACT_GATHER_INFO |
| 2014-01-27 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201401-30.nasl - Type : ACT_GATHER_INFO |
| 2014-01-08 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_domino_9_0_1.nasl - Type : ACT_GATHER_INFO |
| 2014-01-08 | Name : The remote server is affected by multiple vulnerabilities. File : domino_9_0_1.nasl - Type : ACT_GATHER_INFO |
| 2013-11-04 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_notes_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO |
| 2013-11-04 | Name : The remote host has software installed that is affected by multiple vulnerabi... File : lotus_domino_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO |
| 2013-11-04 | Name : The remote server is affected by multiple vulnerabilities. File : domino_8_5_3fp5.nasl - Type : ACT_GATHER_INFO |
| 2013-10-25 | Name : The remote host has a virtualization management application installed that is... File : vmware_vcenter_vmsa-2013-0012.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-207.nasl - Type : ACT_GATHER_INFO |
| 2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-204.nasl - Type : ACT_GATHER_INFO |
| 2013-07-28 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2727.nasl - Type : ACT_GATHER_INFO |
| 2013-07-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-ibm-130723.nasl - Type : ACT_GATHER_INFO |
| 2013-07-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_7_0-openjdk-130719.nasl - Type : ACT_GATHER_INFO |
| 2013-07-26 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-ibm-130723.nasl - Type : ACT_GATHER_INFO |
| 2013-07-24 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1908-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_java-1_6_0-openjdk-130718.nasl - Type : ACT_GATHER_INFO |
| 2013-07-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1081.nasl - Type : ACT_GATHER_INFO |
| 2013-07-17 | Name : The remote Ubuntu host is missing a security-related patch. File : ubuntu_USN-1907-2.nasl - Type : ACT_GATHER_INFO |
| 2013-07-17 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1907-1.nasl - Type : ACT_GATHER_INFO |
| 2013-07-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-2722.nasl - Type : ACT_GATHER_INFO |
| 2013-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1059.nasl - Type : ACT_GATHER_INFO |
| 2013-07-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1060.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0958.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-1014.nasl - Type : ACT_GATHER_INFO |
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0957.nasl - Type : ACT_GATHER_INFO |
| 2013-07-05 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130703_java_1_6_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2013-07-05 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-1014.nasl - Type : ACT_GATHER_INFO |
| 2013-07-05 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-1014.nasl - Type : ACT_GATHER_INFO |
| 2013-06-28 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-183.nasl - Type : ACT_GATHER_INFO |
| 2013-06-21 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130620_java_1_7_0_openjdk_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
| 2013-06-21 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130620_java_1_7_0_openjdk_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2013-06-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0958.nasl - Type : ACT_GATHER_INFO |
| 2013-06-21 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0957.nasl - Type : ACT_GATHER_INFO |
| 2013-06-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0963.nasl - Type : ACT_GATHER_INFO |
| 2013-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0957.nasl - Type : ACT_GATHER_INFO |
| 2013-06-20 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0958.nasl - Type : ACT_GATHER_INFO |
| 2013-06-20 | Name : The remote Unix host contains a programming platform that is potentially affe... File : oracle_java_cpu_jun_2013_unix.nasl - Type : ACT_GATHER_INFO |
| 2013-06-19 | Name : The remote Windows host contains a programming platform that is potentially a... File : oracle_java_cpu_jun_2013.nasl - Type : ACT_GATHER_INFO |
| 2013-06-19 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_2013-004.nasl - Type : ACT_GATHER_INFO |
| 2013-06-19 | Name : The remote host has a version of Java that is affected by multiple vulnerabil... File : macosx_java_10_6_update16.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-11-28 12:34:06 |
|
| 2024-08-02 12:23:05 |
|
| 2024-08-02 01:06:49 |
|
| 2024-07-25 01:21:20 |
|
| 2024-06-29 01:20:30 |
|
| 2024-04-02 01:20:20 |
|
| 2024-02-02 01:22:25 |
|
| 2024-02-01 12:06:36 |
|
| 2023-11-07 21:46:05 |
|
| 2023-09-05 12:21:11 |
|
| 2023-09-05 01:06:30 |
|
| 2023-09-02 12:21:12 |
|
| 2023-09-02 01:06:36 |
|
| 2023-08-22 12:18:54 |
|
| 2023-03-28 12:06:40 |
|
| 2022-10-11 01:06:18 |
|
| 2022-05-14 09:28:01 |
|
| 2022-05-14 00:28:02 |
|
| 2022-05-13 21:28:10 |
|
| 2022-01-22 01:13:56 |
|
| 2021-09-23 01:12:21 |
|
| 2021-07-27 01:11:57 |
|
| 2021-05-05 01:12:22 |
|
| 2021-05-04 12:24:24 |
|
| 2021-04-22 01:29:13 |
|
| 2020-10-27 01:17:23 |
|
| 2020-09-09 12:09:03 |
|
| 2020-09-09 01:09:24 |
|
| 2020-07-17 01:08:32 |
|
| 2020-05-24 01:10:49 |
|
| 2020-05-23 00:36:33 |
|
| 2019-07-31 12:05:28 |
|
| 2019-05-10 12:05:17 |
|
| 2019-04-15 21:18:58 |
|
| 2019-04-15 17:18:44 |
|
| 2019-03-25 17:18:58 |
|
| 2019-03-21 21:19:10 |
|
| 2018-10-30 12:05:45 |
|
| 2018-10-23 12:04:35 |
|
| 2018-07-25 12:03:42 |
|
| 2018-04-28 12:01:00 |
|
| 2018-02-02 12:02:06 |
|
| 2018-01-05 09:23:16 |
|
| 2017-11-29 09:21:43 |
|
| 2017-10-25 12:00:55 |
|
| 2017-09-19 09:25:54 |
|
| 2017-08-16 09:22:52 |
|
| 2017-08-13 09:23:33 |
|
| 2017-05-12 12:04:32 |
|
| 2017-02-10 12:00:38 |
|
| 2016-11-01 12:04:09 |
|
| 2016-07-27 12:00:41 |
|
| 2016-06-28 19:22:34 |
|
| 2016-04-26 22:58:43 |
|
| 2016-03-05 13:26:42 |
|
| 2015-01-21 13:26:03 |
|
| 2014-11-08 13:30:39 |
|
| 2014-10-04 13:30:21 |
|
| 2014-07-01 13:25:11 |
|
| 2014-06-14 13:34:50 |
|
| 2014-06-07 13:23:17 |
|
| 2014-02-28 17:19:11 |
|
| 2014-02-26 13:21:13 |
|
| 2014-02-21 13:21:07 |
|
| 2014-02-17 11:17:55 |
|
| 2014-02-07 13:20:18 |
|
| 2014-01-30 13:19:17 |
|
| 2014-01-19 21:29:16 |
|
| 2014-01-08 13:19:28 |
|
| 2013-12-31 13:19:16 |
|
| 2013-12-05 17:19:53 |
|
| 2013-11-04 21:26:19 |
|
| 2013-10-31 13:20:00 |
|
| 2013-09-12 13:20:06 |
|
| 2013-08-22 17:19:44 |
|
| 2013-08-20 17:22:39 |
|
| 2013-08-16 13:22:06 |
|
| 2013-08-16 00:19:45 |
|
| 2013-07-24 13:19:36 |
|
| 2013-06-27 13:20:06 |
|
| 2013-06-20 00:18:43 |
|
| 2013-06-19 13:19:02 |
|
