Vulnerabilities
By Date By Type Known Exploited Assigners CVSS Scores EPSS Scores Search
Vulnerable Software
Vendors Products Version Search
Metasploit Modules CWE Definitions
Articles Blog

Vulnerability Details : CVE-2013-2429

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageWriter state corruption" when using native code, which triggers memory corruption.
Vulnerability category: Memory Corruption
Published 2013-04-17 18:55:07
Updated 2022-05-13 14:52:56
Source Oracle
View at NVD,   CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2013-2429

Probability of exploitation activity in the next 30 days: 24.46%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 96 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2013-2429

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Source
7.6
 HIGH AV:N/AC:H/Au:N/C:C/I:C/A:C
4.9
10.0
 [email protected]

References for CVE-2013-2429

Products affected by CVE-2013-2429

This web site uses cookies for managing your session and website analytics (Google analytics) purposes as described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close