CVE-2013-2380

Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware R27.7.4 and earlier and R28.2.6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this might be a duplicate of CVE-2013-1537 and CVE-2013-2415. If so, then CVE-2013-2380 might be REJECTed in the future.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html	Vendor Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:jrockit:r27.2:::::::*
	cpe:2.3:a:oracle:jrockit:r27.1:::::::*
	cpe:2.3:a:oracle:jrockit:r28.1.4:::::::*
	cpe:2.3:a:oracle:fusion_middleware:-:::::::*
	cpe:2.3:a:oracle:jrockit::::::::
	cpe:2.3:a:oracle:jrockit:r28.0.0:::::::*
	cpe:2.3:a:oracle:jrockit::::::::
	cpe:2.3:a:oracle:jrockit:r28.0.1:::::::*
	cpe:2.3:a:oracle:jrockit:r28.0.2:::::::*
	cpe:2.3:a:oracle:jrockit:r28.1.0:::::::*
	cpe:2.3:a:oracle:jrockit:r27.3.1:::::::*
	cpe:2.3:a:oracle:jrockit:r27.3:::::::*
	cpe:2.3:a:oracle:jrockit:r28.1.1:::::::*
	cpe:2.3:a:oracle:jrockit:r28.1.3:::::::*

Information

Published : 2013-04-17 10:55

Updated : 2013-10-10 20:51

NVD link : CVE-2013-2380

Mitre link : CVE-2013-2380

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

oracle

jrockit
fusion_middleware

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150", "name": "MDVSA-2013:150", "tags": [], "refsource": "MANDRIVA"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in the Oracle JRockit component in Oracle Fusion Middleware R27.7.4 and earlier and R28.2.6 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this might be a duplicate of CVE-2013-1537 and CVE-2013-2415. If so, then CVE-2013-2380 might be REJECTed in the future."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-2380", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2013-04-17T17:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r27.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r27.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.1.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:fusion_middleware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "r28.2.6"}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "r27.4"}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.1.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r27.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r27.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.1.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2013-10-11T03:51Z"}