CVE-2013-0448 : Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows r

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 allows remote attackers to affect integrity via unknown vectors related to Libraries.

Published 2013-02-02 00:55:02

Updated 2017-09-19 01:35:42

Source Oracle

View at NVD, CVE.org

Threat overview for CVE-2013-0448

Top countries where our scanners detected CVE-2013-0448

Top open port discovered on systems with this issue 80

IPs affected by CVE-2013-0448 47

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2013-0448!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2013-0448

Probability of exploitation activity in the next 30 days: 0.82%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 80 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2013-0448

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2013-0448

http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html

Java CPU Feb 2013
Vendor Advisory

CVEs referencing this url
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16264

Repository / Oval Repository
http://www.kb.cert.org/vuls/id/858729

VU#858729 - Oracle Java contains multiple vulnerabilities
US Government Resource

CVEs referencing this url
http://marc.info/?l=bugtraq&m=136733161405818&w=2

'[security bulletin] HPSBMU02874 SSRT101184 rev.1 - HP Service Manager, Java Runtime Environment (JRE' - MARC

CVEs referencing this url
http://www.us-cert.gov/cas/techalerts/TA13-032A.html

Oracle Java Multiple Vulnerabilities | CISA
US Government Resource

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2013-0237.html

RHSA-2013:0237 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url

Products affected by CVE-2013-0448

Oracle » JDK » Version: 1.7.0
cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update1
cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update2
cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update5
cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update6
cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update3
cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update4
cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update10
cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update11
cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update7
cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update9
cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0
cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update1
cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update4
cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update5
cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update2
cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update3
cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update6
cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update7
cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update9
cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update10
cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update11
cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2013-0448

Threat overview for CVE-2013-0448

Exploit prediction scoring system (EPSS) score for CVE-2013-0448

CVSS scores for CVE-2013-0448

References for CVE-2013-0448

Products affected by CVE-2013-0448