CVE-2013-5848

Published Oct 16, 2013
Last updated a month ago
CVSS info 5.0
Overview

Description: Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, and JavaFX 2.2.40 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment.
Source: secalert_us@oracle.com
NVD status: Deferred
Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:P/A:N
Weaknesses

nvd@nist.gov: NVD-CWE-noinfo
Hype score: Not currently trending
Evaluator

Comment: Per http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html 'Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets'
Impact: -
Solution: -
Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5DE61035-9270-4CFE-A331-98D9203929F4",
            "versionEndIncluding": "1.7.0"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E44FC8AF-F76F-4A8E-8D03-4F8BCA8CB031"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6152036D-6421-4AE4-9223-766FE07B5A44"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE8B0935-6637-413D-B896-28E0ED7F2CEC"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "30B480BC-0886-4B19-B0A5-57B531077F40"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7FA1990D-BBC2-429C-872C-6150459516B1"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8DC2887E-610B-42FE-9A96-1E2F01BF17A3"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "130849CD-A581-4FE6-B2AA-99134F16FE65"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D375CECB-405C-4E18-A7E8-9C5A2F97BD69"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "50AF5AE9-5314-4CE7-95A7-CE6D1B036D23"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B10B19C-FA60-4CD5-AA61-A9791F6CECA8"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "52EEEA5A-E77C-43CF-A063-9D5C64EA1870"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "003746F6-DEF0-4D0F-AD97-9E335868E301"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CF830E0E-0169-4B6A-81FF-2E9FCD7D913B"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BAE3670-0938-480A-8472-DFF0B3A0D0BF"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0EC967FF-26A6-4498-BC09-EC23B2B75CBA"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "02781457-4E40-46A9-A5F7-945232A8C2B1"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "480E1DC3-A93D-4566-A87B-0147202273CF",
            "versionEndIncluding": "1.7.0"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5C27372B-A091-46D5-AE39-A44BBB1D9EE2"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F4B153FD-E20B-4909-8B10-884E48F5B590"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F21933FB-A27C-4AF3-9811-2DE28484A5A6"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2B20041-EB5D-4FA4-AC7D-C35E7878BCFD"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3C3C9C7-73AE-4B1D-AA85-C7F5330A4DE6"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D8BB8D7-D5EC-42D6-BEAA-CB03D1D6513E"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "37B5B98B-0E41-4397-8AB0-C18C6F10AED1"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CB106FA9-26CE-48C5-AEA5-FD1A5454AEE2"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FF6C211-AD55-40FE-9130-77164E586F62"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F40DB141-E5B3-4EC2-9E2F-2E27414FCCB1"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5831D70B-3854-4CB8-B88D-40F1743DAEE0"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EEB101C9-CA38-4421-BC0C-C1AD47AA2CC9"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA302DF3-ABBB-4262-B206-4C0F7B5B1E91"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F9A8EBCB-5E6A-42F0-8D07-F3A3D1C850F0"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0CD8A54E-185B-4D34-82EF-C0C05739EC12"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4FFC7F0D-1F32-4235-8359-277CE41382DF"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:javafx:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "211D20FA-1F11-4B12-9B18-7A9F17CC1984",
            "versionEndIncluding": "2.2.40"
          },
          {
            "criteria": "cpe:2.3:a:oracle:javafx:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64BDB79F-96E0-43A4-81CD-BADF0B039006"
          },
          {
            "criteria": "cpe:2.3:a:oracle:javafx:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC0E861D-AEBC-46EF-8CA6-CF7DE2518DB6"
          },
          {
            "criteria": "cpe:2.3:a:oracle:javafx:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB4477BB-9B0A-4874-9A5B-1B6193DC94E4"
          },
          {
            "criteria": "cpe:2.3:a:oracle:javafx:2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BBA3A1CE-1531-426A-A600-4DD6FB63D01A"
          },
          {
            "criteria": "cpe:2.3:a:oracle:javafx:2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E2179A9-513A-46AA-BC4D-ED988B38650F"
          },
          {
            "criteria": "cpe:2.3:a:oracle:javafx:2.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F37311B5-5404-435B-BBB6-76DA3EA19730"
          },
          {
            "criteria": "cpe:2.3:a:oracle:javafx:2.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55CB5B80-C778-456D-8871-CA79DED61078"
          },
          {
            "criteria": "cpe:2.3:a:oracle:javafx:2.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "00472766-CED3-42FD-AD93-811EDBC45790"
          },
          {
            "criteria": "cpe:2.3:a:oracle:javafx:2.2.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A2598CD0-B320-4A99-B291-0D901ADCF871"
          },
          {
            "criteria": "cpe:2.3:a:oracle:javafx:2.2.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FAFDCE11-A697-4E2F-A803-41D02CE15917"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]
References

Sources include official advisories and independent security research.
Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References
