Vulnerability Details : CVE-2013-5840
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
Products affected by CVE-2013-5840
- cpe:2.3:a:sun:jdk:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update6:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update3:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update4:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update5:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update7:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update7_b03:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update8:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update9:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update10:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update11:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update12:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update13:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update14:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update15:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update11_b03:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update16:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update1_b06:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update22:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update23:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update21:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update20:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update19:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update25:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update17:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update18:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update24:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_16:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_15:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_17:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_18:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_20:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_19:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.6.0:update_21:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update26:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update27:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update28:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update29:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update31:*:*:*:*:*:*
- cpe:2.3:a:sun:jdk:1.5.0:update33:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update8:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update7:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update9:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update10:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_1:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_2:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update12:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update14:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_4:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_3:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update15:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update16:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_10:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_5:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_6:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_7:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_9:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_11:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_12:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update17:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_13:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update18:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update19:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update21:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update20:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_15:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_14:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_16:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_17:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update23:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_18:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update22:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_19:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_20:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update24:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.6.0:update_21:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update25:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update26:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update27:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update29:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update28:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update31:*:*:*:*:*:*
- cpe:2.3:a:sun:jre:1.5.0:update33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:*:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:*:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:*:update60:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update23:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update22:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update29:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update24:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update27:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update43:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update30:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update34:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update39:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update41:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update38:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update37:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update35:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update26:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update38:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update36:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update41:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:*:update60:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:*:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:*:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update30:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update24:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update35:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update39:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update22:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update38:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update37:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update29:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update27:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update23:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update41:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update43:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update34:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update26:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update38:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update36:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update41:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update45:*:*:*:*:*:*
Threat overview for CVE-2013-5840
Top countries where our scanners detected CVE-2013-5840
Top open port discovered on systems with this issue
80
IPs affected by CVE-2013-5840 1,732
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2013-5840!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2013-5840
0.92%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 81 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2013-5840
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST |
References for CVE-2013-5840
-
http://rhn.redhat.com/errata/RHSA-2013-1793.html
RHSA-2013:1793 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2013-1509.html
RHSA-2013:1509 - Security Advisory - Red Hat Customer Portal
-
http://marc.info/?l=bugtraq&m=138674031212883&w=2
'[security bulletin] HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure' - MARC
-
http://rhn.redhat.com/errata/RHSA-2013-1508.html
RHSA-2013:1508 - Security Advisory - Red Hat Customer Portal
-
http://rhn.redhat.com/errata/RHSA-2013-1507.html
RHSA-2013:1507 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/63148
Oracle Java SE CVE-2013-5840 Remote Security Vulnerability
-
http://rhn.redhat.com/errata/RHSA-2013-1447.html
RHSA-2013:1447 - Security Advisory - Red Hat Customer Portal
-
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
Oracle Critical Patch Update - October 2013Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2014:0414
RHSA-2014:0414 - Security Advisory - Red Hat Customer Portal
-
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=1018831
1018831 – (CVE-2013-5840) CVE-2013-5840 OpenJDK: getDeclaringClass() information leak (Libraries, 8014349)
-
http://support.apple.com/kb/HT5982
About the security content of Java for OS X 2013-005 and Mac OS X v10.6 Update 17 - Apple Support
-
http://rhn.redhat.com/errata/RHSA-2013-1505.html
RHSA-2013:1505 - Security Advisory - Red Hat Customer Portal
-
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html
[security-announce] SUSE-SU-2013:1677-1: important: Security update for
-
http://marc.info/?l=bugtraq&m=138674073720143&w=2
'[security bulletin] HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure' - MARC
-
http://rhn.redhat.com/errata/RHSA-2013-1440.html
RHSA-2013:1440 - Security Advisory - Red Hat Customer Portal
-
http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html
openSUSE-SU-2013:1663-1: moderate: update for java-1_7_0-openjdk
-
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html
[security-announce] SUSE-SU-2013:1666-1: important: Security update for
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18990
Repository / Oval Repository
-
http://rhn.redhat.com/errata/RHSA-2013-1451.html
RHSA-2013:1451 - Security Advisory - Red Hat Customer Portal
-
http://www-01.ibm.com/support/docview.wss?uid=swg21655201
IBM Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition
-
http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html
Apple - Lists.apple.com
-
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html
Multiple Vulnerabilities in Cosminexus: Software Vulnerability Information: Software: Hitachi
-
http://www.ubuntu.com/usn/USN-2089-1
USN-2089-1: OpenJDK 7 vulnerabilities | Ubuntu security notices
-
http://www.ubuntu.com/usn/USN-2033-1
USN-2033-1: OpenJDK 6 vulnerabilities | Ubuntu security notices
-
http://security.gentoo.org/glsa/glsa-201406-32.xml
IcedTea JDK: Multiple vulnerabilities (GLSA 201406-32) — Gentoo security
Jump to