Executive Summary

Informations
Name CVE-2013-2433 First vendor Publication 2013-04-17
Vendor Cve Last vendor Modification 2022-05-13

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2433

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:16454
 
Oval ID: oval:org.mitre.oval:def:16454
Title: Vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and before and 6 Update 43 and before. Difficult to exploit vulnerability allows successful unauthenticated network attacks via multiple protocols. Successful attack of this vulnerability can result in unauthorized update, insert or delete access to some Java Runtime Environment accessible data.
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.
Family: windows Class: vulnerability
Reference(s): CVE-2013-2433
 Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows XP
Microsoft Windows Vista
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
 Product(s): Java Runtime Environment
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19461
 
Oval ID: oval:org.mitre.oval:def:19461
Title: HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2433
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19577
 
Oval ID: oval:org.mitre.oval:def:19577
Title: HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2433
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19589
 
Oval ID: oval:org.mitre.oval:def:19589
Title: HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.
Family: unix Class: vulnerability
Reference(s): CVE-2013-2433
 Version: 12
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25093
 
Oval ID: oval:org.mitre.oval:def:25093
Title: SUSE-SU-2013:0835-1 -- Security update for IBM Java
Description: IBM Java 1.6.0 has been updated to SR13-FP2 fixing bugs and security issues. [http://www.ibm.com/developerworks/java/jdk/alerts/)(http:// www.ibm.com/developerworks/java/jdk/alerts/)
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0835-1
CVE-2013-2422
CVE-2013-1491
CVE-2013-2435
CVE-2013-2420
CVE-2013-2432
CVE-2013-1569
CVE-2013-2384
CVE-2013-2383
CVE-2013-1557
CVE-2013-1537
CVE-2013-2440
CVE-2013-2429
CVE-2013-2430
CVE-2013-1563
CVE-2013-2394
CVE-2013-0401
CVE-2013-2424
CVE-2013-2419
CVE-2013-2417
CVE-2013-2418
CVE-2013-1540
CVE-2013-2433
 Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
 Product(s): IBM Java
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25563
 
Oval ID: oval:org.mitre.oval:def:25563
Title: SUSE-SU-2013:0835-2 -- Security update for Java 1.5.0
Description: IBM Java 1.5.0 has been updated to SR13-FP2 which fixes several bugs and security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0835-2
CVE-2013-2422
CVE-2013-1491
CVE-2013-2435
CVE-2013-2420
CVE-2013-2432
CVE-2013-1569
CVE-2013-2384
CVE-2013-2383
CVE-2013-1557
CVE-2013-1537
CVE-2013-2440
CVE-2013-2429
CVE-2013-2430
CVE-2013-1563
CVE-2013-2394
CVE-2013-0401
CVE-2013-2424
CVE-2013-2419
CVE-2013-2417
CVE-2013-2418
CVE-2013-1540
CVE-2013-2433
 Version: 3
Platform(s): SUSE Linux Enterprise Server 10
SUSE Linux Enterprise Desktop 10
 Product(s): Java 1.5.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25669
 
Oval ID: oval:org.mitre.oval:def:25669
Title: SUSE-SU-2013:0871-2 -- Security update for IBM Java
Description: IBM Java 1.7.0 has been updated to SR4-FP2 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/>
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0871-2
CVE-2013-2422
CVE-2013-1491
CVE-2013-2435
CVE-2013-2420
CVE-2013-2432
CVE-2013-1569
CVE-2013-2384
CVE-2013-2383
CVE-2013-1557
CVE-2013-1537
CVE-2013-2440
CVE-2013-2429
CVE-2013-2430
CVE-2013-1563
CVE-2013-2394
CVE-2013-0401
CVE-2013-2424
CVE-2013-2419
CVE-2013-2417
CVE-2013-2418
CVE-2013-1540
CVE-2013-2433
 Version: 3
Platform(s): SUSE Linux Enterprise Server 11
 Product(s): IBM Java
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25791
 
Oval ID: oval:org.mitre.oval:def:25791
Title: SUSE-SU-2013:0871-1 -- Security update for IBM Java 1.7.0
Description: IBM Java 1.7.0 has been updated to SR4-FP2 which fixes several bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/>
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0871-1
CVE-2013-2422
CVE-2013-1491
CVE-2013-2435
CVE-2013-2420
CVE-2013-2432
CVE-2013-1569
CVE-2013-2384
CVE-2013-2383
CVE-2013-1557
CVE-2013-1537
CVE-2013-2440
CVE-2013-2429
CVE-2013-2430
CVE-2013-1563
CVE-2013-2394
CVE-2013-0401
CVE-2013-2424
CVE-2013-2419
CVE-2013-2417
CVE-2013-2418
CVE-2013-1540
CVE-2013-2433
 Version: 3
Platform(s): SUSE Linux Enterprise Server 11
 Product(s): IBM Java 1.7.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26021
 
Oval ID: oval:org.mitre.oval:def:26021
Title: SUSE-SU-2013:0835-3 -- Security update for IBM Java
Description: IBM Java 1.6.0 has been updated to SR13-FP2 which fixes bugs and security issues. http://www.ibm.com/developerworks/java/jdk/alerts/ <http://www.ibm.com/developerworks/java/jdk/alerts/>
Family: unix Class: patch
Reference(s): SUSE-SU-2013:0835-3
CVE-2013-2422
CVE-2013-1491
CVE-2013-2435
CVE-2013-2420
CVE-2013-2432
CVE-2013-1569
CVE-2013-2384
CVE-2013-2383
CVE-2013-1557
CVE-2013-1537
CVE-2013-2440
CVE-2013-2429
CVE-2013-2430
CVE-2013-1563
CVE-2013-2394
CVE-2013-0401
CVE-2013-2424
CVE-2013-2419
CVE-2013-2417
CVE-2013-2418
CVE-2013-1540
CVE-2013-2433
 Version: 3
Platform(s): SUSE Linux Enterprise Server 11
 Product(s): IBM Java
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 269
Application 189
Application 21
Application 21

Nessus® Vulnerability Scanner

Date Description
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1455.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-1456.nasl - Type : ACT_GATHER_INFO
2014-01-27 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201401-30.nasl - Type : ACT_GATHER_INFO
2014-01-08 Name : The remote server is affected by multiple vulnerabilities.
File : domino_9_0_1.nasl - Type : ACT_GATHER_INFO
2014-01-08 Name : The remote host has software installed that is affected by multiple vulnerabi...
File : lotus_domino_9_0_1.nasl - Type : ACT_GATHER_INFO
2013-11-04 Name : The remote server is affected by multiple vulnerabilities.
File : domino_8_5_3fp5.nasl - Type : ACT_GATHER_INFO
2013-11-04 Name : The remote host has software installed that is affected by multiple vulnerabi...
File : lotus_domino_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO
2013-11-04 Name : The remote host has software installed that is affected by multiple vulnerabi...
File : lotus_notes_8_5_3_fp5.nasl - Type : ACT_GATHER_INFO
2013-06-11 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_7_0-ibm-130529.nasl - Type : ACT_GATHER_INFO
2013-05-28 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-130517.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0822.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0823.nasl - Type : ACT_GATHER_INFO
2013-04-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0757.nasl - Type : ACT_GATHER_INFO
2013-04-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0758.nasl - Type : ACT_GATHER_INFO
2013-04-17 Name : The remote Windows host contains a programming platform that is potentially a...
File : oracle_java_cpu_apr_2013.nasl - Type : ACT_GATHER_INFO
2013-04-17 Name : The remote Unix host contains a programming platform that is potentially affe...
File : oracle_java_cpu_apr_2013_unix.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/59220
CERT http://www.us-cert.gov/ncas/alerts/TA13-107A
CONFIRM http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
HP http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
http://marc.info/?l=bugtraq&m=137283787217316&w=2
http://marc.info/?l=bugtraq&m=137545592101387&w=2
OVAL https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ova...
REDHAT http://rhn.redhat.com/errata/RHSA-2013-0757.html
http://rhn.redhat.com/errata/RHSA-2013-0758.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-1456.html
SUSE http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
Date Informations
2024-04-02 01:20:54
  • Multiple Updates
2024-02-02 01:23:06
  • Multiple Updates
2024-02-01 12:06:51
  • Multiple Updates
2023-09-05 12:21:49
  • Multiple Updates
2023-09-05 01:06:44
  • Multiple Updates
2023-09-02 12:21:51
  • Multiple Updates
2023-09-02 01:06:50
  • Multiple Updates
2023-08-22 12:19:34
  • Multiple Updates
2023-03-28 12:06:52
  • Multiple Updates
2022-10-11 01:06:31
  • Multiple Updates
2022-05-14 09:28:02
  • Multiple Updates
2022-05-14 00:28:03
  • Multiple Updates
2022-05-13 21:28:11
  • Multiple Updates
2022-01-22 01:14:18
  • Multiple Updates
2021-09-23 01:12:41
  • Multiple Updates
2021-07-27 01:12:19
  • Multiple Updates
2021-05-05 01:12:39
  • Multiple Updates
2021-05-04 12:25:07
  • Multiple Updates
2021-04-22 01:30:04
  • Multiple Updates
2020-10-27 01:17:52
  • Multiple Updates
2020-09-09 12:09:18
  • Multiple Updates
2020-09-09 01:09:39
  • Multiple Updates
2020-07-17 01:08:45
  • Multiple Updates
2020-05-24 01:11:14
  • Multiple Updates
2020-05-23 00:37:02
  • Multiple Updates
2019-07-31 12:05:34
  • Multiple Updates
2019-05-10 12:05:23
  • Multiple Updates
2018-10-30 12:05:53
  • Multiple Updates
2018-10-23 12:04:40
  • Multiple Updates
2018-07-25 12:03:48
  • Multiple Updates
2018-04-28 12:01:05
  • Multiple Updates
2018-02-02 12:02:11
  • Multiple Updates
2017-10-25 12:01:01
  • Multiple Updates
2017-09-19 09:25:58
  • Multiple Updates
2017-08-16 09:22:53
  • Multiple Updates
2017-05-12 12:04:37
  • Multiple Updates
2017-02-10 12:00:43
  • Multiple Updates
2016-11-01 12:04:13
  • Multiple Updates
2016-07-27 12:00:46
  • Multiple Updates
2016-06-28 19:29:35
  • Multiple Updates
2016-04-26 23:08:14
  • Multiple Updates
2014-11-08 13:30:53
  • Multiple Updates
2014-02-17 11:19:34
  • Multiple Updates
2014-01-08 13:19:33
  • Multiple Updates
2013-12-05 17:20:11
  • Multiple Updates
2013-11-04 21:26:55
  • Multiple Updates
2013-10-31 13:20:12
  • Multiple Updates
2013-10-11 13:26:22
  • Multiple Updates
2013-09-12 13:20:16
  • Multiple Updates
2013-08-22 17:20:04
  • Multiple Updates
2013-06-21 13:19:49
  • Multiple Updates
2013-06-05 13:20:32
  • Multiple Updates
2013-05-10 22:30:21
  • Multiple Updates
2013-04-18 21:20:01
  • Multiple Updates
2013-04-18 00:19:49
  • First insertion