VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-w3vj-xk33-aaad

Essentials
Severities (99)
References (58)
Severity details (71)
Exploits (3)
EPSS
History (0)

Vulnerability ID	VCID-w3vj-xk33-aaad
Aliases	CVE-2013-2423
Summary	CVE-2013-2423 OpenJDK: incorrect setter access checks in MethodHandles (Hostspot, 8009677)
Status	Published
Exploitability	2.0
Weighted Severity	9.0
Risk	10.0
Affected and Fixed Packages	Package Details

Weaknesses (0)

There are no known CWE.

System	Score	Found at
cvssv3.1	3.7	http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
cvssv3.1	3.7	http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
ssvc	Track	http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
ssvc	Track	http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
cvssv3.1	3.7	http://blog.spiderlabs.com/2013/04/java-is-so-confusing.html
cvssv3.1	3.7	http://blog.spiderlabs.com/2013/04/java-is-so-confusing.html
ssvc	Track	http://blog.spiderlabs.com/2013/04/java-is-so-confusing.html
ssvc	Track	http://blog.spiderlabs.com/2013/04/java-is-so-confusing.html
cvssv3.1	3.7	http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b453d9be6b3f
cvssv3.1	3.7	http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b453d9be6b3f
ssvc	Track	http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b453d9be6b3f
ssvc	Track	http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b453d9be6b3f
cvssv3.1	3.7	http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html
cvssv3.1	3.7	http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html
ssvc	Track	http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html
ssvc	Track	http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html
cvssv3.1	3.7	http://rhn.redhat.com/errata/RHSA-2013-0752.html
cvssv3.1	3.7	http://rhn.redhat.com/errata/RHSA-2013-0752.html
ssvc	Track	http://rhn.redhat.com/errata/RHSA-2013-0752.html
ssvc	Track	http://rhn.redhat.com/errata/RHSA-2013-0752.html
cvssv3.1	3.7	http://rhn.redhat.com/errata/RHSA-2013-0757.html
cvssv3.1	3.7	http://rhn.redhat.com/errata/RHSA-2013-0757.html
ssvc	Track	http://rhn.redhat.com/errata/RHSA-2013-0757.html
ssvc	Track	http://rhn.redhat.com/errata/RHSA-2013-0757.html
rhas	Critical	https://access.redhat.com/errata/RHSA-2013:0751
rhas	Important	https://access.redhat.com/errata/RHSA-2013:0752
rhas	Critical	https://access.redhat.com/errata/RHSA-2013:0757
rhas	Critical	https://access.redhat.com/errata/RHSA-2013:0822
epss	0.93504	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93504	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93539	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93539	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93539	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93539	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93539	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93539	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93609	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93609	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93609	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93609	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93609	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93609	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93609	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93609	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93627	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93714	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93714	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93714	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93714	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.93714	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.96399	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.96399	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.96971	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.97091	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.97091	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
epss	0.97091	https://api.first.org/data/v1/epss?cve=CVE-2013-2423
cvssv3.1	3.7	https://bugzilla.redhat.com/show_bug.cgi?id=952398
cvssv3.1	3.7	https://bugzilla.redhat.com/show_bug.cgi?id=952398
ssvc	Track	https://bugzilla.redhat.com/show_bug.cgi?id=952398
ssvc	Track	https://bugzilla.redhat.com/show_bug.cgi?id=952398
cvssv3.1	3.7	http://security.gentoo.org/glsa/glsa-201406-32.xml
cvssv3.1	3.7	http://security.gentoo.org/glsa/glsa-201406-32.xml
generic_textual	HIGH	http://security.gentoo.org/glsa/glsa-201406-32.xml
ssvc	Track	http://security.gentoo.org/glsa/glsa-201406-32.xml
ssvc	Track	http://security.gentoo.org/glsa/glsa-201406-32.xml
cvssv2	4.3	https://nvd.nist.gov/vuln/detail/CVE-2013-2423
cvssv3.1	3.7	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16700
cvssv3.1	3.7	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16700
ssvc	Track	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16700
ssvc	Track	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16700
cvssv3.1	3.7	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
cvssv3.1	3.7	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
ssvc	Track	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
ssvc	Track	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
cvssv3.1	3.7	http://weblog.ikvm.net/PermaLink.aspx?guid=acd2dd6d-1028-4996-95df-efa42ac237f0
cvssv3.1	3.7	http://weblog.ikvm.net/PermaLink.aspx?guid=acd2dd6d-1028-4996-95df-efa42ac237f0
ssvc	Track	http://weblog.ikvm.net/PermaLink.aspx?guid=acd2dd6d-1028-4996-95df-efa42ac237f0
ssvc	Track	http://weblog.ikvm.net/PermaLink.aspx?guid=acd2dd6d-1028-4996-95df-efa42ac237f0
cvssv3.1	3.7	http://www.exploit-db.com/exploits/24976
cvssv3.1	3.7	http://www.exploit-db.com/exploits/24976
ssvc	Track	http://www.exploit-db.com/exploits/24976
ssvc	Track	http://www.exploit-db.com/exploits/24976
cvssv3.1	3.7	http://www.mandriva.com/security/advisories?name=MDVSA-2013:161
cvssv3.1	3.7	http://www.mandriva.com/security/advisories?name=MDVSA-2013:161
ssvc	Track	http://www.mandriva.com/security/advisories?name=MDVSA-2013:161
ssvc	Track	http://www.mandriva.com/security/advisories?name=MDVSA-2013:161
cvssv3.1	3.7	http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
cvssv3.1	3.7	http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
generic_textual	Medium	http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
ssvc	Track	http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
ssvc	Track	http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
cvssv3.1	3.7	http://www.ubuntu.com/usn/USN-1806-1
cvssv3.1	3.7	http://www.ubuntu.com/usn/USN-1806-1
ssvc	Track	http://www.ubuntu.com/usn/USN-1806-1
ssvc	Track	http://www.ubuntu.com/usn/USN-1806-1
cvssv3.1	3.7	http://www.us-cert.gov/ncas/alerts/TA13-107A
cvssv3.1	3.7	http://www.us-cert.gov/ncas/alerts/TA13-107A
ssvc	Track	http://www.us-cert.gov/ncas/alerts/TA13-107A
ssvc	Track	http://www.us-cert.gov/ncas/alerts/TA13-107A

Reference id	Reference type	URL
		http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
		http://blog.spiderlabs.com/2013/04/java-is-so-confusing.html
		http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b453d9be6b3f
		http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html
		http://rhn.redhat.com/errata/RHSA-2013-0752.html
		http://rhn.redhat.com/errata/RHSA-2013-0757.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2423.json
		https://api.first.org/data/v1/epss?cve=CVE-2013-2423
		https://bugzilla.redhat.com/show_bug.cgi?id=952398
		http://security.gentoo.org/glsa/glsa-201406-32.xml
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16700
		https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
		http://weblog.ikvm.net/PermaLink.aspx?guid=acd2dd6d-1028-4996-95df-efa42ac237f0
		http://www.exploit-db.com/exploits/24976
		http://www.mandriva.com/security/advisories?name=MDVSA-2013:161
		http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
		http://www.ubuntu.com/usn/USN-1806-1
		http://www.us-cert.gov/ncas/alerts/TA13-107A
cpe:2.3:a:oracle:jdk:1.7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:::::::*
cpe:2.3:a:oracle:jdk:1.7.0:update1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update1::::::
cpe:2.3:a:oracle:jdk:1.7.0:update10::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update10::::::
cpe:2.3:a:oracle:jdk:1.7.0:update11::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update11::::::
cpe:2.3:a:oracle:jdk:1.7.0:update13::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update13::::::
cpe:2.3:a:oracle:jdk:1.7.0:update15::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update15::::::
cpe:2.3:a:oracle:jdk:1.7.0:update2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update2::::::
cpe:2.3:a:oracle:jdk:1.7.0:update3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update3::::::
cpe:2.3:a:oracle:jdk:1.7.0:update4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update4::::::
cpe:2.3:a:oracle:jdk:1.7.0:update5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update5::::::
cpe:2.3:a:oracle:jdk:1.7.0:update6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update6::::::
cpe:2.3:a:oracle:jdk:1.7.0:update7::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update7::::::
cpe:2.3:a:oracle:jdk:1.7.0:update9::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update9::::::
cpe:2.3:a:oracle:jdk::update17::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk::update17::::::*
cpe:2.3:a:oracle:jre:1.7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:::::::*
cpe:2.3:a:oracle:jre:1.7.0:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:-::::::
cpe:2.3:a:oracle:jre:1.7.0:update1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update1::::::
cpe:2.3:a:oracle:jre:1.7.0:update10::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update10::::::
cpe:2.3:a:oracle:jre:1.7.0:update11::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update11::::::
cpe:2.3:a:oracle:jre:1.7.0:update13::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update13::::::
cpe:2.3:a:oracle:jre:1.7.0:update15::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update15::::::
cpe:2.3:a:oracle:jre:1.7.0:update2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update2::::::
cpe:2.3:a:oracle:jre:1.7.0:update3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update3::::::
cpe:2.3:a:oracle:jre:1.7.0:update4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update4::::::
cpe:2.3:a:oracle:jre:1.7.0:update5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update5::::::
cpe:2.3:a:oracle:jre:1.7.0:update6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update6::::::
cpe:2.3:a:oracle:jre:1.7.0:update7::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update7::::::
cpe:2.3:a:oracle:jre:1.7.0:update9::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update9::::::
cpe:2.3:a:oracle:jre::update17::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre::update17::::::*
cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
cpe:2.3:o:opensuse:opensuse:12.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:::::::*
CVE-2013-2423		https://nvd.nist.gov/vuln/detail/CVE-2013-2423
CVE-2013-2423;OSVDB-92348	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/24976.rb
GLSA-201401-30		https://security.gentoo.org/glsa/201401-30
GLSA-201406-32		https://security.gentoo.org/glsa/201406-32
RHSA-2013:0751		https://access.redhat.com/errata/RHSA-2013:0751
RHSA-2013:0752		https://access.redhat.com/errata/RHSA-2013:0752
RHSA-2013:0757		https://access.redhat.com/errata/RHSA-2013:0757
RHSA-2013:0822		https://access.redhat.com/errata/RHSA-2013:0822
USN-1806-1		https://usn.ubuntu.com/1806-1/

Data source	Exploit-DB
Date added	April 23, 2013
Description	Java Applet - Reflection Type Confusion Remote Code Execution (Metasploit)
Ransomware campaign use	Known
Source publication date	April 23, 2013
Exploit type	remote
Platform	multiple
Source update date	April 23, 2013

Data source	Metasploit
Description	This module abuses Java Reflection to generate a Type Confusion, due to a weak access control when setting final fields on static classes, and run code outside of the Java Sandbox. The vulnerability affects Java version 7u17 and earlier. This exploit bypasses click-to-play throw a specially crafted JNLP file. This bypass is applied mainly to IE, when Java Web Start can be launched automatically throw the ActiveX control. Otherwise the applet is launched without click-to-play bypass.
Note	{}
Ransomware campaign use	Unknown
Source publication date	Jan. 10, 2013
Platform	Java,Linux,OSX,Windows
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/java_jre17_reflection_types.rb

Data source	KEV
Date added	May 25, 2022
Description	Unspecified vulnerability in hotspot for Java Runtime Environment (JRE) allows remote attackers to affect integrity.
Required action	Apply updates per vendor instructions.
Due date	June 15, 2022
Note	https://nvd.nist.gov/vuln/detail/CVE-2013-2423
Ransomware campaign use	Unknown

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://blog.spiderlabs.com/2013/04/java-is-so-confusing.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://blog.spiderlabs.com/2013/04/java-is-so-confusing.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://blog.spiderlabs.com/2013/04/java-is-so-confusing.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b453d9be6b3f

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b453d9be6b3f

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b453d9be6b3f

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0752.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0752.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://rhn.redhat.com/errata/RHSA-2013-0752.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0757.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://rhn.redhat.com/errata/RHSA-2013-0757.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://rhn.redhat.com/errata/RHSA-2013-0757.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=952398

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=952398

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=952398

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://security.gentoo.org/glsa/glsa-201406-32.xml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://security.gentoo.org/glsa/glsa-201406-32.xml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://security.gentoo.org/glsa/glsa-201406-32.xml

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2013-2423

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16700

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16700

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16700

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://weblog.ikvm.net/PermaLink.aspx?guid=acd2dd6d-1028-4996-95df-efa42ac237f0

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://weblog.ikvm.net/PermaLink.aspx?guid=acd2dd6d-1028-4996-95df-efa42ac237f0

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://weblog.ikvm.net/PermaLink.aspx?guid=acd2dd6d-1028-4996-95df-efa42ac237f0

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://www.exploit-db.com/exploits/24976

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://www.exploit-db.com/exploits/24976

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://www.exploit-db.com/exploits/24976

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://www.mandriva.com/security/advisories?name=MDVSA-2013:161

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://www.mandriva.com/security/advisories?name=MDVSA-2013:161

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://www.mandriva.com/security/advisories?name=MDVSA-2013:161

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://www.ubuntu.com/usn/USN-1806-1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://www.ubuntu.com/usn/USN-1806-1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://www.ubuntu.com/usn/USN-1806-1

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://www.us-cert.gov/ncas/alerts/TA13-107A

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N Found at http://www.us-cert.gov/ncas/alerts/TA13-107A

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T19:49:17Z/ Found at http://www.us-cert.gov/ncas/alerts/TA13-107A

Exploit Prediction Scoring System (EPSS)

Percentile	0.99813
EPSS Score	0.93504
Published At	April 29, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

Reference id	Reference type	URL
		http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/
		http://blog.spiderlabs.com/2013/04/java-is-so-confusing.html
		http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/b453d9be6b3f
		http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html
		http://rhn.redhat.com/errata/RHSA-2013-0752.html
		http://rhn.redhat.com/errata/RHSA-2013-0757.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2423.json
		https://api.first.org/data/v1/epss?cve=CVE-2013-2423
		https://bugzilla.redhat.com/show_bug.cgi?id=952398
		http://security.gentoo.org/glsa/glsa-201406-32.xml
		https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16700
		https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130
		http://weblog.ikvm.net/PermaLink.aspx?guid=acd2dd6d-1028-4996-95df-efa42ac237f0
		http://www.exploit-db.com/exploits/24976
		http://www.mandriva.com/security/advisories?name=MDVSA-2013:161
		http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
		http://www.ubuntu.com/usn/USN-1806-1
		http://www.us-cert.gov/ncas/alerts/TA13-107A
cpe:2.3:a:oracle:jdk:1.7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:::::::*
cpe:2.3:a:oracle:jdk:1.7.0:update1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update1::::::
cpe:2.3:a:oracle:jdk:1.7.0:update10::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update10::::::
cpe:2.3:a:oracle:jdk:1.7.0:update11::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update11::::::
cpe:2.3:a:oracle:jdk:1.7.0:update13::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update13::::::
cpe:2.3:a:oracle:jdk:1.7.0:update15::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update15::::::
cpe:2.3:a:oracle:jdk:1.7.0:update2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update2::::::
cpe:2.3:a:oracle:jdk:1.7.0:update3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update3::::::
cpe:2.3:a:oracle:jdk:1.7.0:update4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update4::::::
cpe:2.3:a:oracle:jdk:1.7.0:update5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update5::::::
cpe:2.3:a:oracle:jdk:1.7.0:update6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update6::::::
cpe:2.3:a:oracle:jdk:1.7.0:update7::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update7::::::
cpe:2.3:a:oracle:jdk:1.7.0:update9::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update9::::::
cpe:2.3:a:oracle:jdk::update17::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk::update17::::::*
cpe:2.3:a:oracle:jre:1.7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:::::::*
cpe:2.3:a:oracle:jre:1.7.0:-::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:-::::::
cpe:2.3:a:oracle:jre:1.7.0:update1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update1::::::
cpe:2.3:a:oracle:jre:1.7.0:update10::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update10::::::
cpe:2.3:a:oracle:jre:1.7.0:update11::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update11::::::
cpe:2.3:a:oracle:jre:1.7.0:update13::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update13::::::
cpe:2.3:a:oracle:jre:1.7.0:update15::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update15::::::
cpe:2.3:a:oracle:jre:1.7.0:update2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update2::::::
cpe:2.3:a:oracle:jre:1.7.0:update3::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update3::::::
cpe:2.3:a:oracle:jre:1.7.0:update4::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update4::::::
cpe:2.3:a:oracle:jre:1.7.0:update5::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update5::::::
cpe:2.3:a:oracle:jre:1.7.0:update6::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update6::::::
cpe:2.3:a:oracle:jre:1.7.0:update7::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update7::::::
cpe:2.3:a:oracle:jre:1.7.0:update9::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update9::::::
cpe:2.3:a:oracle:jre::update17::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre::update17::::::*
cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
cpe:2.3:o:opensuse:opensuse:12.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:::::::*
CVE-2013-2423		https://nvd.nist.gov/vuln/detail/CVE-2013-2423
CVE-2013-2423;OSVDB-92348	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/24976.rb
GLSA-201401-30		https://security.gentoo.org/glsa/201401-30
GLSA-201406-32		https://security.gentoo.org/glsa/201406-32
RHSA-2013:0751		https://access.redhat.com/errata/RHSA-2013:0751
RHSA-2013:0752		https://access.redhat.com/errata/RHSA-2013:0752
RHSA-2013:0757		https://access.redhat.com/errata/RHSA-2013:0757
RHSA-2013:0822		https://access.redhat.com/errata/RHSA-2013:0822
USN-1806-1		https://usn.ubuntu.com/1806-1/