JVN/CVE Demo: Cveinfos

CVE

Id: 61440
CVE No.: CVE-2013-1493
Status: Candidate
Description: The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.
Phase: Assigned (20130130)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
615230	61440	CVE-2013-1493	EXPLOIT-DB:24904	View
615231	61440	CVE-2013-1493	URL:http://www.exploit-db.com/exploits/24904	View
615232	61440	CVE-2013-1493	MLIST:[distro-pkg-dev] 20130304 [SECURITY] IcedTea6 1.11.9 and 1.12.4 Released!	View
615233	61440	CVE-2013-1493	URL:http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-March/022145.html	View
615234	61440	CVE-2013-1493	MISC:http://blog.fireeye.com/research/2013/02/yaj0-yet-another-java-zero-day-2.html	View
615235	61440	CVE-2013-1493	MISC:http://www.symantec.com/connect/blogs/latest-java-zero-day-shares-connections-bit9-security-incident	View
615236	61440	CVE-2013-1493	MISC:https://krebsonsecurity.com/2013/03/new-java-0-day-attack-echoes-bit9-breach/	View
615237	61440	CVE-2013-1493	MISC:https://twitter.com/jduck1337/status/307629902574800897	View
615238	61440	CVE-2013-1493	CONFIRM:http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/1915099.xml	View
615239	61440	CVE-2013-1493	CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=917553	View
615240	61440	CVE-2013-1493	CONFIRM:http://www.oracle.com/technetwork/topics/security/alert-cve-2013-1493-1915081.html	View
615241	61440	CVE-2013-1493	CONFIRM:https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0088	View
615242	61440	CVE-2013-1493	GENTOO:GLSA-201406-32	View
615243	61440	CVE-2013-1493	URL:http://security.gentoo.org/glsa/glsa-201406-32.xml	View
615244	61440	CVE-2013-1493	HP:HPSBUX02864	View
615245	61440	CVE-2013-1493	URL:http://marc.info/?l=bugtraq&m=136570436423916&w=2	View
615246	61440	CVE-2013-1493	HP:SSRT101156	View
615247	61440	CVE-2013-1493	URL:http://marc.info/?l=bugtraq&m=136570436423916&w=2	View
615248	61440	CVE-2013-1493	HP:HPSBUX02857	View
615249	61440	CVE-2013-1493	URL:http://marc.info/?l=bugtraq&m=136439120408139&w=2	View
615250	61440	CVE-2013-1493	HP:SSRT101103	View
615251	61440	CVE-2013-1493	URL:http://marc.info/?l=bugtraq&m=136439120408139&w=2	View
615252	61440	CVE-2013-1493	HP:HPSBMU02964	View
615253	61440	CVE-2013-1493	URL:http://h20565.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04117626-1	View
615254	61440	CVE-2013-1493	MANDRIVA:MDVSA-2013:095	View
615255	61440	CVE-2013-1493	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:095	View
615256	61440	CVE-2013-1493	REDHAT:RHSA-2013:0601	View
615257	61440	CVE-2013-1493	URL:http://rhn.redhat.com/errata/RHSA-2013-0601.html	View
615258	61440	CVE-2013-1493	REDHAT:RHSA-2013:0603	View
615259	61440	CVE-2013-1493	URL:http://rhn.redhat.com/errata/RHSA-2013-0603.html	View
615260	61440	CVE-2013-1493	REDHAT:RHSA-2013:0604	View
615261	61440	CVE-2013-1493	URL:http://rhn.redhat.com/errata/RHSA-2013-0604.html	View
615262	61440	CVE-2013-1493	REDHAT:RHSA-2013:1455	View
615263	61440	CVE-2013-1493	URL:http://rhn.redhat.com/errata/RHSA-2013-1455.html	View
615264	61440	CVE-2013-1493	REDHAT:RHSA-2013:1456	View
615265	61440	CVE-2013-1493	URL:http://rhn.redhat.com/errata/RHSA-2013-1456.html	View
615266	61440	CVE-2013-1493	SUSE:SUSE-SU-2013:0434	View
615267	61440	CVE-2013-1493	URL:http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00011.html	View
615268	61440	CVE-2013-1493	SUSE:openSUSE-SU-2013:0430	View
615269	61440	CVE-2013-1493	URL:http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00009.html	View
615270	61440	CVE-2013-1493	SUSE:openSUSE-SU-2013:0438	View
615271	61440	CVE-2013-1493	URL:http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00012.html	View
615272	61440	CVE-2013-1493	SUSE:SUSE-SU-2013:0701	View
615273	61440	CVE-2013-1493	URL:http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html	View
615274	61440	CVE-2013-1493	UBUNTU:USN-1755-2	View
615275	61440	CVE-2013-1493	URL:http://www.ubuntu.com/usn/USN-1755-2	View
615276	61440	CVE-2013-1493	CERT:TA13-064A	View
615277	61440	CVE-2013-1493	URL:http://www.us-cert.gov/ncas/alerts/TA13-064A	View
615278	61440	CVE-2013-1493	CERT-VN:VU#688246	View
615279	61440	CVE-2013-1493	URL:http://www.kb.cert.org/vuls/id/688246	View
615280	61440	CVE-2013-1493	OVAL:oval:org.mitre.oval:def:19246	View
615281	61440	CVE-2013-1493	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19246	View
615282	61440	CVE-2013-1493	OVAL:oval:org.mitre.oval:def:19477	View
615283	61440	CVE-2013-1493	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19477	View
615284	61440	CVE-2013-1493	SECTRACK:1029803	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
20686	JVNDB-2013-002261	Oracle Sun Solaris 10 および 11 における Kernel/IO の処理に関する脆弱性	Oracle Sun Solaris 10 および 11 には、Kernel/IO に関する処理に不備があるため、可用性に影響のある脆弱性が存在します。	CVE-2013-1498	61440	4.9		http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-002261.html	View

Message	Memory use
Component initialization	1.38 MB
Controller action start	1.48 MB
Controller render start	2.33 MB
View render complete	2.83 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.32
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	422.80
Event: Controller.beforeRender	4.82
» Processing toolbar data	4.73
Rendering View	16.73
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	15.70
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.59
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.12
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/61440
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/61440
Remote Port	28835
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	18.221.244.218
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	18.221.244.218
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	18.221.244.218
Unique Id	aBNxNvF7dHEcwsFw9Q9odAAAAGk
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	18.221.244.218
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	18.221.244.218
Redirect Unique Id	aBNxNvF7dHEcwsFw9Q9odAAAAGk
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	18.221.244.218
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	18.221.244.218
Redirect Redirect Unique Id	aBNxNvF7dHEcwsFw9Q9odAAAAGk
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746104630.1129
Request Time	1746104630

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files