Vulnerability in Oracle Jdk
CVE-2013-5809
Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality, integrity, and availability via un…
EPSS: 0.107 (93.5th percentile) — read the EPSS interpretation.
Affected products
- Oracle Jdk — versions 1.6.0, 1.5.0, 1.7.0
- Oracle Jre — versions 1.5.0, 1.6.0, 1.7.0
- Sun Jdk — versions 1.6.0, 1.5.0
- Sun Jre — versions 1.5.0, 1.6.0
- N/a — versions n/a
Public proof-of-concept exploits
References
- RHSA-2014:0414 (x_refsource_REDHAT, vendor-advisory)
- GLSA-201406-32 (vendor-advisory, x_refsource_GENTOO)
- RHSA-2013:1447 (x_refsource_REDHAT, vendor-advisory)
- RHSA-2013:1440 (x_refsource_REDHAT, vendor-advisory)
- USN-2033-1 (x_refsource_UBUNTU, vendor-advisory)
- USN-2089-1 (x_refsource_UBUNTU, vendor-advisory)
- oval:org.mitre.oval:def:18504 (x_refsource_OVAL, signature, vdb-entry)
- RHSA-2013:1508 (x_refsource_REDHAT, vendor-advisory)
- SUSE-SU-2013:1677 (vendor-advisory, x_refsource_SUSE)
- secalert_us@oracle.com (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2013-5809?
- CVE-2013-5809 is a vulnerability in Oracle Jdk. Published 2013-10-16.
- Is CVE-2013-5809 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.