U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:oracle:jdk:1.7.0:update65:*:*:*:*:*:*
  • CPE Name Search: true
There are 208 matching records.
Displaying matches 81 through 100.
Vuln ID Summary CVSS Severity
CVE-2013-2407

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and 6 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality and availability via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "XML security and the class loader."

Published: June 18, 2013; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2013-2400

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-3744.

Published: June 18, 2013; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-1571

Unspecified vulnerability in the Javadoc component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier; JavaFX 2.2.21 and earlier; and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Javadoc. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to frame injection in HTML that is generated by Javadoc.

Published: June 18, 2013; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2013-1500

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows local users to affect confidentiality and integrity via unknown vectors related to 2D. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to weak permissions for shared memory.

Published: June 18, 2013; 6:55:01 PM -0400
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2013-2440

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2439

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Install.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 6.9 MEDIUM
CVE-2013-2438

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect integrity via unknown vectors related to JavaFX.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-2436

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2013-1488 and CVE-2013-2426. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect "type checks" and "method handle binding" involving Wrapper.convert.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-2435

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2440.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2434

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2433

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-1540.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 4.3 MEDIUM
CVE-2013-2432

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, 5.0 Update 41 and earlier, and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2013-2394 and CVE-2013-1491.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2431

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to bypassing the Java sandbox using "method handle intrinsic frames."

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2430

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; JavaFX 2.2.7 and earlier; and OpenJDK 6 and 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageReader state corruption" when using native code.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2013-2429

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageWriter state corruption" when using native code, which triggers memory corruption.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2013-2428

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2427.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2427

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and JavaFX 2.2.7 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX, a different vulnerability than CVE-2013-0402, CVE-2013-2414, and CVE-2013-2428.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2426

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to incorrect invocation of the defaultReadObject method in the ConcurrentHashMap class, which allows remote attackers to bypass the Java sandbox.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 9.3 HIGH
CVE-2013-2425

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2013-2424

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality via vectors related to JMX. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "insufficient class access checks" when "creating new instances" using MBeanInstantiator.

Published: April 17, 2013; 2:55:07 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM