CVE-2013-5907 : Detail

CVE-2013-5907

44.51%V3
Network
2014-01-15
00h33 +00:00
2018-01-04
18h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE Other No informations.

Metrics

Metrics Score Severity CVSS Vector Source
V2 10 AV:N/AC:L/Au:N/C:C/I:C/A:C [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Oracle>>Jdk >> Version 1.5.0

Oracle>>Jre >> Version 1.5.0

Configuraton 0

Oracle>>Jdk >> Version 1.7.0

Oracle>>Jre >> Version 1.7.0

Configuraton 0

Oracle>>Jrockit >> Version r27.7.7

Oracle>>Jrockit >> Version r28.2.9

Configuraton 0

Oracle>>Jdk >> Version 1.6.0

Oracle>>Jre >> Version 1.6.0

References

http://secunia.com/advisories/56432
Tags : third-party-advisory, x_refsource_SECUNIA
https://access.redhat.com/errata/RHSA-2014:0414
Tags : vendor-advisory, x_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2014-0136.html
Tags : vendor-advisory, x_refsource_REDHAT
http://marc.info/?l=bugtraq&m=139402749111889&w=2
Tags : vendor-advisory, x_refsource_HP
http://rhn.redhat.com/errata/RHSA-2014-0135.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/56535
Tags : third-party-advisory, x_refsource_SECUNIA
http://www.ubuntu.com/usn/USN-2089-1
Tags : vendor-advisory, x_refsource_UBUNTU
http://osvdb.org/101995
Tags : vdb-entry, x_refsource_OSVDB
http://rhn.redhat.com/errata/RHSA-2014-0030.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/64894
Tags : vdb-entry, x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2014-0097.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/56485
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=139402697611681&w=2
Tags : vendor-advisory, x_refsource_HP
http://marc.info/?l=bugtraq&m=139402697611681&w=2
Tags : vendor-advisory, x_refsource_HP
http://rhn.redhat.com/errata/RHSA-2014-0027.html
Tags : vendor-advisory, x_refsource_REDHAT
http://secunia.com/advisories/56486
Tags : third-party-advisory, x_refsource_SECUNIA
http://marc.info/?l=bugtraq&m=139402749111889&w=2
Tags : vendor-advisory, x_refsource_HP
http://www.securitytracker.com/id/1029608
Tags : vdb-entry, x_refsource_SECTRACK
http://www.ubuntu.com/usn/USN-2124-1
Tags : vendor-advisory, x_refsource_UBUNTU
http://secunia.com/advisories/56487
Tags : third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2014-0026.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.securityfocus.com/bid/64758
Tags : vdb-entry, x_refsource_BID
http://rhn.redhat.com/errata/RHSA-2014-0134.html
Tags : vendor-advisory, x_refsource_REDHAT