VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.91998	https://api.first.org/data/v1/epss?cve=CVE-2013-2460
epss	0.91998	https://api.first.org/data/v1/epss?cve=CVE-2013-2460
epss	0.91998	https://api.first.org/data/v1/epss?cve=CVE-2013-2460
epss	0.92346	https://api.first.org/data/v1/epss?cve=CVE-2013-2460
epss	0.92346	https://api.first.org/data/v1/epss?cve=CVE-2013-2460
epss	0.92346	https://api.first.org/data/v1/epss?cve=CVE-2013-2460
epss	0.92346	https://api.first.org/data/v1/epss?cve=CVE-2013-2460
epss	0.92346	https://api.first.org/data/v1/epss?cve=CVE-2013-2460
epss	0.92346	https://api.first.org/data/v1/epss?cve=CVE-2013-2460
epss	0.92389	https://api.first.org/data/v1/epss?cve=CVE-2013-2460

System

Score

Found at

epss

0.91998

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

epss

0.91998

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

epss

0.91998

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

epss

0.92346

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

epss

0.92346

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

epss

0.92346

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

epss

0.92346

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

epss

0.92346

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

epss

0.92346

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

epss

0.92389

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2460.json

https://api.first.org/data/v1/epss?cve=CVE-2013-2460

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1500

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2407

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2412

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2443

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2444

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2445

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2446

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2447

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2448

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2449

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2450

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2451

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2452

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2453

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2454

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2455

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2456

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2457

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2458

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2459

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2460

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2461

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2463

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2465

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2469

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2470

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2471

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2472

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2473

975122

https://bugzilla.redhat.com/show_bug.cgi?id=975122

CVE-2013-2460;OSVDB-94346

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/26529.rb

RHSA-2013:0957

https://access.redhat.com/errata/RHSA-2013:0957

RHSA-2013:0958

https://access.redhat.com/errata/RHSA-2013:0958

RHSA-2013:0963

https://access.redhat.com/errata/RHSA-2013:0963

RHSA-2013:1060

https://access.redhat.com/errata/RHSA-2013:1060

USN-1907-1

https://usn.ubuntu.com/1907-1/

Data source	Metasploit
Description	This module abuses the insecure invoke() method of the ProviderSkeleton class that allows to call arbitrary static methods with user supplied arguments. The vulnerability affects Java version 7u21 and earlier.
Note	Reliability: - unknown-reliability Stability: - unknown-stability SideEffects: - unknown-side-effects
Ransomware campaign use	Unknown
Source publication date	June 18, 2013
Platform	Java,Linux,OSX,Windows
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/java_jre17_provider_skeleton.rb

Metasploit

This module abuses the insecure invoke() method of the ProviderSkeleton class that allows to call arbitrary static methods with user supplied arguments. The vulnerability affects Java version 7u21 and earlier.

Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects

Unknown

June 18, 2013

Java,Linux,OSX,Windows

https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/java_jre17_provider_skeleton.rb

Data source	Exploit-DB
Date added	July 1, 2013
Description	Java Applet - ProviderSkeleton Insecure Invoke Method (Metasploit)
Ransomware campaign use	Known
Source publication date	July 1, 2013
Exploit type	remote
Platform	multiple
Source update date	July 1, 2013

Exploit-DB

July 1, 2013

Java Applet - ProviderSkeleton Insecure Invoke Method (Metasploit)

Known

July 1, 2013

remote

multiple

July 1, 2013

Date	Actor	Action	Source	VulnerableCode Version
2025-07-31T08:39:34.660077+00:00	Ubuntu USN Importer	Import	https://usn.ubuntu.com/1907-1/	37.0.0

2025-07-31T08:39:34.660077+00:00

Ubuntu USN Importer

Import

https://usn.ubuntu.com/1907-1/

37.0.0

Vulnerability ID	VCID-fpmx-4yjq-5udf
Aliases	CVE-2013-2460
Summary
Status	Published
Exploitability	2.0
Weighted Severity	0.8
Risk	1.6
Affected and Fixed Packages	Package Details

Percentile	0.99689
EPSS Score	0.91998
Published At	Aug. 8, 2025, 12:55 p.m.