Vulnerability Details : CVE-2013-2465
Public exploit exists!
Used for ransomware!
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image channel verification" in 2D.
Products affected by CVE-2013-2465
- cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_java:11:sp2:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_java:11:sp3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update39:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:-:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:-:*:*:*:*:*:*
Threat overview for CVE-2013-2465
Top countries where our scanners detected CVE-2013-2465
Top open port discovered on systems with this issue
80
IPs affected by CVE-2013-2465 1,732
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2013-2465!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
CVE-2013-2465 is in the CISA Known Exploited Vulnerabilities Catalog
This issue is known to have been leveraged as part of a ransomware campaign.
CISA vulnerability name:
Oracle Java SE Unspecified Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE allows remote attackers to affect confidentiality, integrity, and availability via Unknown vectors related to 2D
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2013-2465
Added on
2022-03-28
Action due date
2022-04-18
Exploit prediction scoring system (EPSS) score for CVE-2013-2465
87.33%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2013-2465
-
Java storeImageArray() Invalid Array Indexing Vulnerability
Disclosure Date: 2013-08-12First seen: 2020-04-26exploit/multi/browser/java_storeimagearrayThis module abuses an Invalid Array Indexing Vulnerability on the static function storeImageArray() function in order to cause a memory corruption and escape the Java Sandbox. The vulnerability affects Java version 7u21 and earlier. The module, which doesn't bypass
CVSS scores for CVE-2013-2465
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2013-2465
-
http://marc.info/?l=bugtraq&m=137545592101387&w=2
'[security bulletin] HPSBUX02908 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure' - MARCMailing List;Third Party Advisory
-
http://www.securityfocus.com/bid/60657
Oracle Java SE CVE-2013-2465 Memory Corruption VulnerabilityBroken Link;Third Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
[security-announce] SUSE-SU-2013:1255-1: important: Security update forMailing List;Third Party Advisory
-
http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/2a9c79db0040
jdk7u/jdk7u-dev/jdk: 2a9c79db0040Patch
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
[security-announce] SUSE-SU-2013:1264-1: important: Security update forMailing List;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2014:0414
RHSA-2014:0414 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880
Broken Link
-
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
[security-announce] SUSE-SU-2013:1293-1: important: Security update forMailing List;Third Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19455
Repository / Oval RepositoryBroken Link
-
http://www.mandriva.com/security/advisories?name=MDVSA-2013:183
mandriva.comNot Applicable
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
[security-announce] SUSE-SU-2013:1257-1: important: Security update forMailing List;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2013-1060.html
RHSA-2013:1060 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://bugzilla.redhat.com/show_bug.cgi?id=975118
975118 – (CVE-2013-2465) CVE-2013-2465 OpenJDK: Incorrect image channel verification (2D, 8012597)Issue Tracking
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19703
Repository / Oval RepositoryBroken Link
-
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
[security-announce] SUSE-SU-2013:1305-1: important: Security update forMailing List;Third Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17106
Repository / Oval RepositoryBroken Link
-
http://secunia.com/advisories/54154
Sign inNot Applicable
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19074
Repository / Oval RepositoryBroken Link
-
http://www-01.ibm.com/support/docview.wss?uid=swg21642336
IBM Security Bulletin: Multiple vulnerabilities in IBM WebSphere Real TimeThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2013-1455.html
RHSA-2013:1455 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2013-1456.html
RHSA-2013:1456 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2013-1059.html
RHSA-2013:1059 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2013-0963.html
RHSA-2013:0963 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html
Oracle Java Critical Patch Update - June 2013Vendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
[security-announce] SUSE-SU-2013:1263-1: important: Security update forMailing List;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2013-1081.html
RHSA-2013:1081 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://advisories.mageia.org/MGASA-2013-0185.html
Mageia Advisory: MGASA-2013-0185 - Updated java-1.7.0-openjdk packages fix multiple security vulnerabilitiesBroken Link
-
http://www.us-cert.gov/ncas/alerts/TA13-169A
Oracle Releases Updates for Javadoc and Other Java SE Vulnerabilities | CISAThird Party Advisory;US Government Resource
-
http://marc.info/?l=bugtraq&m=137545505800971&w=2
'[security bulletin] HPSBUX02907 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure' - MARCMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
[security-announce] SUSE-SU-2013:1256-1: important: Security update forMailing List;Third Party Advisory
-
http://security.gentoo.org/glsa/glsa-201406-32.xml
IcedTea JDK: Multiple vulnerabilities (GLSA 201406-32) — Gentoo securityThird Party Advisory
Jump to