U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:a:oracle:jdk:1.5.0:update39:*:*:*:*:*:*
  • CPE Name Search: true
There are 33 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2013-4578

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.

Published: December 29, 2017; 5:29:00 PM -0500
V4.0:(not available)
V3.0: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2013-5843

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JavaFX 2.2.40 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Published: October 16, 2013; 1:55:06 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-5842

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-5850.

Published: October 16, 2013; 1:55:06 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-5830

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Published: October 16, 2013; 1:55:05 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-5829

Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-5809.

Published: October 16, 2013; 1:55:05 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-5788

Unspecified vulnerability in Oracle Java SE 7u40 and earlier and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Published: October 16, 2013; 11:55:34 AM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-3743

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 6 Update 45 and earlier and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-2473

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ByteBandedRaster size checks" in 2D.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2472

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect ShortBandedRaster size checks" in 2D.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2471

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect IntegerComponentRaster size checks."

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2470

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "ImagingLib byte lookup processing."

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2469

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image layout verification" in 2D.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2467

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 5.0 Update 45 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Java installer.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2013-2464

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, and CVE-2013-2473.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2463

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "Incorrect image attribute verification" in 2D.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2459

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "integer overflow checks."

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2457

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via vectors related to JMX. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is due to an incorrect implementation of "certain class checks" that allows remote attackers to bypass intended class restrictions.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-2456

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Serialization. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper access checks for subclasses in the ObjectOutputStream class.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-2455

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect access checks by the (1) getEnclosingClass, (2) getEnclosingMethod, and (3) getEnclosingConstructor methods.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-2454

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and integrity via vectors related to JDBC. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue does not properly restrict access to certain class packages in the SerialJavaObject class, which allows remote attackers to bypass the Java sandbox.

Published: June 18, 2013; 6:55:02 PM -0400
V4.0:(not available)
V3.x:(not available)
V2.0: 5.8 MEDIUM