Vulnerability in Oracle Jdk
CVE-2013-5803
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to…
EPSS: 0.058 (90.6th percentile) — read the EPSS interpretation.
Affected products
- Oracle Jdk — versions 1.6.0, 1.7.0, 1.5.0
- Oracle Jre — versions 1.6.0, 1.7.0, 1.5.0
- Oracle Jrockit — versions r27.7.1, r27.7.2, r27.7.3
- Sun Jdk — versions 1.6.0, 1.5.0
- Sun Jre — versions 1.6.0, 1.5.0
- N/a — versions n/a
Public proof-of-concept exploits
References
- RHSA-2014:0414 (x_refsource_REDHAT, vendor-advisory)
- GLSA-201406-32 (vendor-advisory, x_refsource_GENTOO)
- RHSA-2013:1447 (x_refsource_REDHAT, vendor-advisory)
- RHSA-2013:1440 (x_refsource_REDHAT, vendor-advisory)
- 63082 (vdb-entry, x_refsource_BID)
- USN-2033-1 (x_refsource_UBUNTU, vendor-advisory)
- USN-2089-1 (x_refsource_UBUNTU, vendor-advisory)
- RHSA-2013:1508 (x_refsource_REDHAT, vendor-advisory)
- SUSE-SU-2013:1677 (vendor-advisory, x_refsource_SUSE)
- HPSBUX02944 (x_refsource_HP, vendor-advisory)
Frequently asked questions
- What is CVE-2013-5803?
- CVE-2013-5803 is a vulnerability in Oracle Jdk. Published 2013-10-16.
- Is CVE-2013-5803 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.