Vulnerability Details : CVE-2013-5805
Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Swing, a different vulnerability than CVE-2013-5806.
Products affected by CVE-2013-5805
- cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*
Threat overview for CVE-2013-5805
Top countries where our scanners detected CVE-2013-5805
Top open port discovered on systems with this issue
80
IPs affected by CVE-2013-5805 70
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2013-5805!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2013-5805
1.18%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 83 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-5805
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
References for CVE-2013-5805
-
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
Oracle Critical Patch Update - October 2013Vendor Advisory
-
http://www.securityfocus.com/bid/63112
Oracle Java SE CVE-2013-5805 Remote Security Vulnerability
-
http://marc.info/?l=bugtraq&m=138674073720143&w=2
'[security bulletin] HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure' - MARC
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18943
Repository / Oval Repository
-
http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html
openSUSE-SU-2013:1663-1: moderate: update for java-1_7_0-openjdk
-
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html
[security-announce] SUSE-SU-2013:1666-1: important: Security update for
-
http://www.ubuntu.com/usn/USN-2089-1
USN-2089-1: OpenJDK 7 vulnerabilities | Ubuntu security notices
-
http://security.gentoo.org/glsa/glsa-201406-32.xml
IcedTea JDK: Multiple vulnerabilities (GLSA 201406-32) — Gentoo security
Jump to