Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability
BID:59165
Info
Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability
| Bugtraq ID: | 59165 |
| Class: | Unknown |
| CVE: |
CVE-2013-2431 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 16 2013 12:00AM |
| Updated: | Apr 13 2015 10:24PM |
| Credit: | Oracle |
| Vulnerable: |
Ubuntu Ubuntu Linux 10.04 LTS SuSE SUSE Linux Enterprise Desktop 11 SP2 Sun JRE (Windows Production Release) 1.7.0_4 Sun JRE (Windows Production Release) 1.7.0_2 Sun JRE (Windows Production Release) 1.7 Sun JRE (Solaris Production Release) 1.7.0_4 Sun JRE (Solaris Production Release) 1.7.0_2 Sun JRE (Solaris Production Release) 1.7 Sun JRE (Linux Production Release) 1.7.0_4 Sun JRE (Linux Production Release) 1.7.0_2 Sun JRE (Linux Production Release) 1.7 Sun JDK (Windows Production Release) 1.7 Sun JDK (Windows Production Release) 1.7.0_4 Sun JDK (Windows Production Release) 1.7.0_2 Sun JDK (Solaris Production Release) 1.7 Sun JDK (Solaris Production Release) 1.7.0_4 Sun JDK (Solaris Production Release) 1.7.0_2 Sun JDK (Linux Production Release) 1.7 Sun JDK (Linux Production Release) 1.7.0_4 Sun JDK (Linux Production Release) 1.7.0_2 Red Hat Enterprise Linux Workstation Supplementary 6 Red Hat Enterprise Linux Workstation Optional 6 Red Hat Enterprise Linux Workstation 6 Red Hat Enterprise Linux Supplementary 5 server Red Hat Enterprise Linux Server Supplementary 6 Red Hat Enterprise Linux Server Optional 6 Red Hat Enterprise Linux Server 6 Red Hat Enterprise Linux HPC Node Supplementary 6 Red Hat Enterprise Linux HPC Node Optional 6 Red Hat Enterprise Linux HPC Node 6 Red Hat Enterprise Linux Desktop Supplementary 6 Red Hat Enterprise Linux Desktop Supplementary 5 client Red Hat Enterprise Linux Desktop Optional 6 Red Hat Enterprise Linux Desktop 6 Red Hat Enterprise Linux Desktop 5 client Red Hat Enterprise Linux 5 Server Oracle Enterprise Linux 6.2 Oracle Enterprise Linux 6 Oracle Enterprise Linux 5 MandrakeSoft Enterprise Server 5 x86_64 MandrakeSoft Enterprise Server 5 IBM Tivoli Monitoring 6.2.3 IBM Tivoli Monitoring 6.2.2 IBM Tivoli Monitoring 6.2.1 IBM Maximo Asset Management Essentials 7.5 IBM Maximo Asset Management Essentials 7.1 IBM Maximo Asset Management Essentials 6.2 IBM Maximo Asset Management 7.5 IBM Maximo Asset Management 7.1 IBM Maximo Asset Management 6.2 IBM Lotus Notes 8.5.3 IBM Lotus Notes 8.5.2 IBM Lotus Notes 8.5.1 IBM Lotus Notes 8.0.2 IBM Lotus Notes 8.5.2.3 IBM Lotus Notes 8.5.2.2 IBM Lotus Notes 8.5.2.1 IBM Lotus Notes 8.5.1.5 IBM Lotus Notes 8.5.1.4 IBM Lotus Notes 8.5.1.3 IBM Lotus Notes 8.5.1.2 IBM Lotus Notes 8.5.0.1 IBM Lotus Notes 8.5 IBM Lotus Notes 8.0.2.6 IBM Lotus Notes 8.0.2.5 IBM Lotus Notes 8.0.2.4 IBM Lotus Notes 8.0.2.3 IBM Lotus Notes 8.0.2.2 IBM Lotus Notes 8.0.2.1 IBM Lotus Notes 8.0 IBM Lotus Domino 8.5.3 IBM Lotus Domino 8.5.2 IBM Lotus Domino 8.5.1 IBM Lotus Domino 8.5 IBM Lotus Domino 8.0.2 IBM Lotus Domino 8.0.1 IBM Lotus Domino 8.5.1.1 IBM Lotus Domino 8.5.0.1 IBM Lotus Domino 8.0.2.4 IBM Lotus Domino 8.0.2.3 IBM Lotus Domino 8.0.2.2 IBM Lotus Domino 8.0.2.1 IBM Lotus Domino 8.0 Gentoo Linux CentOS CentOS 6 CentOS CentOS 5 Avaya Voice Portal 5.1.2 Avaya Voice Portal 5.1.1 Avaya Voice Portal 5.1 Avaya Voice Portal 5.0 SP1 Avaya Voice Portal 5.0 Avaya Proactive Contact 5.0 Avaya Message Networking 5.2.1 Avaya Message Networking 5.2.4 Avaya Message Networking 5.2.3 Avaya Message Networking 5.2.2 Avaya Meeting Exchange 6.0 Avaya Meeting Exchange 5.2 Avaya IP Office Application Server 8.1 Avaya IP Office Application Server 8.0 Avaya Communication Server 1000M Signaling Server 7.5 Avaya Communication Server 1000M Signaling Server 7.0 Avaya Communication Server 1000M Signaling Server 6.0 Avaya Communication Server 1000M 7.5 Avaya Communication Server 1000M 7.0 Avaya Communication Server 1000M 6.0 Avaya Communication Server 1000E Signaling Server 7.5 Avaya Communication Server 1000E Signaling Server 7.0 Avaya Communication Server 1000E Signaling Server 6.0 Avaya Communication Server 1000E 7.5 Avaya Communication Server 1000E 7.0 Avaya Communication Server 1000E 6.0 Avaya Aura System Platform 6.0.2 Avaya Aura System Platform 6.0.1 Avaya Aura System Platform 6.0 SP3 Avaya Aura System Platform 6.0 SP2 Avaya Aura System Platform 6.0 Avaya Aura System Platform 1.1 Avaya Aura System Manager 6.2 Avaya Aura System Manager 6.1.3 Avaya Aura System Manager 6.1.2 Avaya Aura System Manager 6.1.1 Avaya Aura System Manager 6.1 SP2 Avaya Aura System Manager 6.1 Sp1 Avaya Aura System Manager 6.1 Avaya Aura System Manager 6.0 SP1 Avaya Aura System Manager 6.0 Avaya Aura System Manager 5.2 Avaya Aura SIP Enablement Services 5.2.1 Avaya Aura SIP Enablement Services 5.2 Avaya Aura Session Manager 6.2.1 Avaya Aura Session Manager 6.1.3 Avaya Aura Session Manager 6.1.2 Avaya Aura Session Manager 6.1.1 Avaya Aura Session Manager 6.2 Avaya Aura Session Manager 6.1 SP2 Avaya Aura Session Manager 6.1 Sp1 Avaya Aura Session Manager 6.1 Avaya Aura Session Manager 6.0 SP1 Avaya Aura Session Manager 6.0 Avaya Aura Session Manager 5.2 SP2 Avaya Aura Session Manager 5.2 SP1 Avaya Aura Session Manager 5.2 Avaya Aura Presence Services 6.1.1 Avaya Aura Presence Services 6.1 Avaya Aura Presence Services 6.0 Avaya Aura Messaging 6.1 Avaya Aura Messaging 6.0.1 Avaya Aura Messaging 6.0 Avaya Aura Experience Portal 6.0 Avaya Aura Conferencing 6.0 Standard Avaya Aura Conferencing 6.0 SP1 Standard Avaya Aura Communication Manager Utility Services 6.2 Avaya Aura Communication Manager Utility Services 6.1 Avaya Aura Communication Manager Utility Services 6.0 Avaya Aura Application Server 5300 SIP Core 2.0 Avaya Aura Application Enablement Services 5.2.1 Avaya Aura Application Enablement Services 6.1.1 Avaya Aura Application Enablement Services 6.1 Avaya Aura Application Enablement Services 5.2.3 Avaya Aura Application Enablement Services 5.2.2 Avaya Aura Application Enablement Services 5.2 |
| Not Vulnerable: | |
Discussion
Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability
Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Hotspot' sub-component.
This vulnerability affects the following supported versions:
7 Update 17
Oracle Java SE is prone to a remote vulnerability in Java Runtime Environment.
The vulnerability can be exploited over multiple protocols. This issue affects the 'Hotspot' sub-component.
This vulnerability affects the following supported versions:
7 Update 17
Exploit / POC
Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
MandrakeSoft Enterprise Server 5
Solution:
Updates are available. Please see the references or vendor advisory for more information.
MandrakeSoft Enterprise Server 5
-
Mandriva java-1.6.0-openjdk-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva java-1.6.0-openjdk-demo-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva java-1.6.0-openjdk-devel-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva java-1.6.0-openjdk-javadoc-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/ -
Mandriva java-1.6.0-openjdk-src-1.6.0.0-35.b24.5mdvmes5.2.i586.rpm
http://www.mandriva.com/en/downloads/
References
Oracle Java SE CVE-2013-2431 Remote Java Runtime Environment Vulnerability
References:
References:
- IBM Tivoli Composite Application Manager for Transactions Response Time 7.3.0.1 (IBM)
- Oracle Java Critical Patch Update (April 2013) (Avaya)
- Security Bulletin: IBM Tivoli Composite Application Manager for Transactions aff (IBM)
- java-1.6.0-openjdk security update (RHSA-2013-0770) (Avaya)
- IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE executed un (IBM)
- java-1.6.0-openjdk security update (RHSA-2013-0770) (Avaya)
- Oracle Java SE Critical Patch Update Advisory - April 2013 (Oracle)
- Potential security vulnerabilities with JavaTM SDKs (IBM)
- Security Bulletin: IBM Intelligent Operations Center 1.5 WebSphere Application S (IBM)
- Security Bulletin: IBM Notes & Domino fixes for multiple vulnerabilities in IBM (IBM)
- Security Bulletin: IBM Smart Analytics System 5600 is affected by vulnerabilitie (IBM)
- Security Bulletin: IBM Tivoli System Automation for Integrated Operations Manage (IBM)
- Security Bulletin: IBM Virtualization Engine TS7700 13 Multiple Java CVEs from (IBM)