Vulnerability Details : CVE-2013-5778
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, 6u60 and earlier, 5.0u51 and earlier, and Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to 2D.
Products affected by CVE-2013-5778
- cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:*:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:*:update60:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:*:update60:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:*:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*
Threat overview for CVE-2013-5778
Top countries where our scanners detected CVE-2013-5778
Top open port discovered on systems with this issue
80
IPs affected by CVE-2013-5778 1,732
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2013-5778!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2013-5778
0.94%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 83 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-5778
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2013-5778
-
http://rhn.redhat.com/errata/RHSA-2013-1793.html
RHSA-2013:1793 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2013-1509.html
RHSA-2013:1509 - Security Advisory - Red Hat Customer Portal
-
http://marc.info/?l=bugtraq&m=138674031212883&w=2
'[security bulletin] HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure' - MARC
-
http://rhn.redhat.com/errata/RHSA-2013-1508.html
RHSA-2013:1508 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2013-1507.html
RHSA-2013:1507 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2013-1447.html
RHSA-2013:1447 - Security Advisory - Red Hat Customer Portal
-
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
Oracle Critical Patch Update - October 2013Patch;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2014:0414
RHSA-2014:0414 - Security Advisory - Red Hat Customer Portal
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19020
Repository / Oval Repository
-
https://bugzilla.redhat.com/show_bug.cgi?id=1018984
1018984 – (CVE-2013-5778) CVE-2013-5778 OpenJDK: image conversion out of bounds read (2D, 8014102)
-
http://www.securityfocus.com/bid/63134
Oracle Java SE CVE-2013-5778 Remote Security Vulnerability
-
http://support.apple.com/kb/HT5982
About the security content of Java for OS X 2013-005 and Mac OS X v10.6 Update 17 - Apple Support
-
http://rhn.redhat.com/errata/RHSA-2013-1505.html
RHSA-2013:1505 - Security Advisory - Red Hat Customer Portal
-
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html
[security-announce] SUSE-SU-2013:1677-1: important: Security update for
-
http://marc.info/?l=bugtraq&m=138674073720143&w=2
'[security bulletin] HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure' - MARC
-
http://rhn.redhat.com/errata/RHSA-2013-1440.html
RHSA-2013:1440 - Security Advisory - Red Hat Customer Portal
-
http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html
openSUSE-SU-2013:1663-1: moderate: update for java-1_7_0-openjdk
-
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html
[security-announce] SUSE-SU-2013:1666-1: important: Security update for
-
http://rhn.redhat.com/errata/RHSA-2013-1451.html
RHSA-2013:1451 - Security Advisory - Red Hat Customer Portal
-
http://www-01.ibm.com/support/docview.wss?uid=swg21655201
IBM Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition
-
http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html
Apple - Lists.apple.com
-
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html
Multiple Vulnerabilities in Cosminexus: Software Vulnerability Information: Software: Hitachi
-
http://www.ubuntu.com/usn/USN-2089-1
USN-2089-1: OpenJDK 7 vulnerabilities | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2033-1
USN-2033-1: OpenJDK 6 vulnerabilities | Ubuntu security notices
-
http://security.gentoo.org/glsa/glsa-201406-32.xml
IcedTea JDK: Multiple vulnerabilities (GLSA 201406-32) — Gentoo security
Jump to