| Added |
CPE Configuration |
|
OR
*cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
*cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
|
| Changed |
CPE Configuration |
OR
*cpe:2.3:a:oracle:jdk:1.7.0:*:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:*:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
|
OR
*cpe:2.3:a:oracle:jdk:1.7.0:-:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
*cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:-:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
*cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
|
| Removed |
Evaluator Impact |
Per: http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html
'Note: JDK and JRE 6, 5.0 and 1.4.2, and Java SE Embedded JRE releases are not affected.'
|
|
| Changed |
Reference Type |
http://blog.fireeye.com/research/2013/01/happy-new-year-from-new-java-zero-day.html No Types Assigned
|
http://blog.fireeye.com/research/2013/01/happy-new-year-from-new-java-zero-day.html Not Applicable
|
| Changed |
Reference Type |
http://blog.fuseyism.com/index.php/2013/01/15/security-icedtea-2-1-4-2-2-4-2-3-4-released/ No Types Assigned
|
http://blog.fuseyism.com/index.php/2013/01/15/security-icedtea-2-1-4-2-2-4-2-3-4-released/ Broken Link
|
| Changed |
Reference Type |
http://immunityproducts.blogspot.ca/2013/01/confirmed-java-only-fixed-one-of-two.html No Types Assigned
|
http://immunityproducts.blogspot.ca/2013/01/confirmed-java-only-fixed-one-of-two.html Third Party Advisory
|
| Changed |
Reference Type |
http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/ No Types Assigned
|
http://krebsonsecurity.com/2013/01/zero-day-java-exploit-debuts-in-crimeware/ Third Party Advisory
|
| Changed |
Reference Type |
http://labs.alienvault.com/labs/index.php/2013/new-year-new-java-zeroday/ No Types Assigned
|
http://labs.alienvault.com/labs/index.php/2013/new-year-new-java-zeroday/ Broken Link, Third Party Advisory
|
| Changed |
Reference Type |
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00025.html No Types Assigned
|
http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00025.html Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html No Types Assigned
|
http://malware.dontneedcoffee.com/2013/01/0-day-17u10-spotted-in-while-disable.html Third Party Advisory
|
| Changed |
Reference Type |
http://rhn.redhat.com/errata/RHSA-2013-0156.html No Types Assigned
|
http://rhn.redhat.com/errata/RHSA-2013-0156.html Third Party Advisory
|
| Changed |
Reference Type |
http://rhn.redhat.com/errata/RHSA-2013-0165.html No Types Assigned
|
http://rhn.redhat.com/errata/RHSA-2013-0165.html Third Party Advisory
|
| Changed |
Reference Type |
http://seclists.org/bugtraq/2013/Jan/48 No Types Assigned
|
http://seclists.org/bugtraq/2013/Jan/48 Mailing List, Third Party Advisory
|
| Changed |
Reference Type |
http://www.kb.cert.org/vuls/id/625617 US Government Resource
|
http://www.kb.cert.org/vuls/id/625617 Third Party Advisory, US Government Resource
|
| Changed |
Reference Type |
http://www.mandriva.com/security/advisories?name=MDVSA-2013:095 No Types Assigned
|
http://www.mandriva.com/security/advisories?name=MDVSA-2013:095 Not Applicable
|
| Changed |
Reference Type |
http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html No Types Assigned
|
http://www.oracle.com/technetwork/topics/security/alert-cve-2013-0422-1896849.html Vendor Advisory
|
| Changed |
Reference Type |
http://www.ubuntu.com/usn/USN-1693-1 No Types Assigned
|
http://www.ubuntu.com/usn/USN-1693-1 Third Party Advisory
|
| Changed |
Reference Type |
http://www.us-cert.gov/cas/techalerts/TA13-010A.html US Government Resource
|
http://www.us-cert.gov/cas/techalerts/TA13-010A.html Third Party Advisory, US Government Resource
|
| Changed |
Reference Type |
https://partners.immunityinc.com/idocs/Java%20MBeanInstantiator.findClass%200day%20Analysis.pdf No Types Assigned
|
https://partners.immunityinc.com/idocs/Java%20MBeanInstantiator.findClass%200day%20Analysis.pdf Broken Link
|
| Changed |
Reference Type |
https://threatpost.com/en_us/blogs/nasty-new-java-zero-day-found-exploit-kits-already-have-it-011013 No Types Assigned
|
https://threatpost.com/en_us/blogs/nasty-new-java-zero-day-found-exploit-kits-already-have-it-011013 Not Applicable
|
| Changed |
Reference Type |
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0018 No Types Assigned
|
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0018 Third Party Advisory
|
| Changed |
Reference Type |
https://www-304.ibm.com/connections/blogs/PSIRT/entry/oracle_java_7_security_manager_bypass_vulnerability_cve_2013_04224?lang=en_us No Types Assigned
|
https://www-304.ibm.com/connections/blogs/PSIRT/entry/oracle_java_7_security_manager_bypass_vulnerability_cve_2013_04224?lang=en_us Not Applicable
|
) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
