JVN/CVE Demo: Cveinfos

CVE

Id: 62376
CVE No.: CVE-2013-2429
Status: Candidate
Description: Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to ImageIO. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to "JPEGImageWriter state corruption" when using native code, which triggers memory corruption.
Phase: Assigned (20130305)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
623427	62376	CVE-2013-2429	MLIST:[distro-pkg-dev] 20130417 [SECURITY] IcedTea 1.11.10 for OpenJDK 6 Released!	View
623428	62376	CVE-2013-2429	URL:http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-April/022796.html	View
623429	62376	CVE-2013-2429	MISC:http://hg.openjdk.java.net/jdk7u/jdk7u-dev/jdk/rev/90c9f1577a0b	View
623430	62376	CVE-2013-2429	MISC:https://bugzilla.redhat.com/show_bug.cgi?id=952521	View
623431	62376	CVE-2013-2429	CONFIRM:http://www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html	View
623432	62376	CVE-2013-2429	CONFIRM:http://blog.fuseyism.com/index.php/2013/04/22/security-icedtea-2-3-9-for-openjdk-7-released/	View
623433	62376	CVE-2013-2429	CONFIRM:http://blog.fuseyism.com/index.php/2013/04/25/security-icedtea-1-11-11-1-12-5-for-openjdk-6-released/	View
623434	62376	CVE-2013-2429	CONFIRM:https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0124	View
623435	62376	CVE-2013-2429	CONFIRM:https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0130	View
623436	62376	CVE-2013-2429	APPLE:APPLE-SA-2013-04-16-2	View
623437	62376	CVE-2013-2429	URL:http://lists.apple.com/archives/security-announce/2013/Apr/msg00001.html	View
623438	62376	CVE-2013-2429	GENTOO:GLSA-201406-32	View
623439	62376	CVE-2013-2429	URL:http://security.gentoo.org/glsa/glsa-201406-32.xml	View
623440	62376	CVE-2013-2429	HP:HPSBUX02889	View
623441	62376	CVE-2013-2429	URL:http://marc.info/?l=bugtraq&m=137283787217316&w=2	View
623442	62376	CVE-2013-2429	HP:SSRT101252	View
623443	62376	CVE-2013-2429	URL:http://marc.info/?l=bugtraq&m=137283787217316&w=2	View
623444	62376	CVE-2013-2429	HP:HPSBUX02922	View
623445	62376	CVE-2013-2429	URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880	View
623446	62376	CVE-2013-2429	HP:SSRT101305	View
623447	62376	CVE-2013-2429	URL:http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03898880	View
623448	62376	CVE-2013-2429	MANDRIVA:MDVSA-2013:145	View
623449	62376	CVE-2013-2429	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:145	View
623450	62376	CVE-2013-2429	MANDRIVA:MDVSA-2013:161	View
623451	62376	CVE-2013-2429	URL:http://www.mandriva.com/security/advisories?name=MDVSA-2013:161	View
623452	62376	CVE-2013-2429	REDHAT:RHSA-2013:0752	View
623453	62376	CVE-2013-2429	URL:http://rhn.redhat.com/errata/RHSA-2013-0752.html	View
623454	62376	CVE-2013-2429	REDHAT:RHSA-2013:0757	View
623455	62376	CVE-2013-2429	URL:http://rhn.redhat.com/errata/RHSA-2013-0757.html	View
623456	62376	CVE-2013-2429	REDHAT:RHSA-2013:0758	View
623457	62376	CVE-2013-2429	URL:http://rhn.redhat.com/errata/RHSA-2013-0758.html	View
623458	62376	CVE-2013-2429	REDHAT:RHSA-2013:1455	View
623459	62376	CVE-2013-2429	URL:http://rhn.redhat.com/errata/RHSA-2013-1455.html	View
623460	62376	CVE-2013-2429	REDHAT:RHSA-2013:1456	View
623461	62376	CVE-2013-2429	URL:http://rhn.redhat.com/errata/RHSA-2013-1456.html	View
623462	62376	CVE-2013-2429	SUSE:SUSE-SU-2013:0814	View
623463	62376	CVE-2013-2429	URL:http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00007.html	View
623464	62376	CVE-2013-2429	SUSE:openSUSE-SU-2013:0777	View
623465	62376	CVE-2013-2429	URL:http://lists.opensuse.org/opensuse-updates/2013-05/msg00017.html	View
623466	62376	CVE-2013-2429	SUSE:SUSE-SU-2013:0835	View
623467	62376	CVE-2013-2429	URL:http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00013.html	View
623468	62376	CVE-2013-2429	SUSE:SUSE-SU-2013:0871	View
623469	62376	CVE-2013-2429	URL:http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00001.html	View
623470	62376	CVE-2013-2429	SUSE:SUSE-SU-2013:0934	View
623471	62376	CVE-2013-2429	URL:http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00007.html	View
623472	62376	CVE-2013-2429	SUSE:openSUSE-SU-2013:0964	View
623473	62376	CVE-2013-2429	URL:http://lists.opensuse.org/opensuse-updates/2013-06/msg00099.html	View
623474	62376	CVE-2013-2429	UBUNTU:USN-1806-1	View
623475	62376	CVE-2013-2429	URL:http://www.ubuntu.com/usn/USN-1806-1	View
623476	62376	CVE-2013-2429	CERT:TA13-107A	View
623477	62376	CVE-2013-2429	URL:http://www.us-cert.gov/ncas/alerts/TA13-107A	View
623478	62376	CVE-2013-2429	OVAL:oval:org.mitre.oval:def:19107	View
623479	62376	CVE-2013-2429	URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:19107	View
623480	62376	CVE-2013-2429	OVAL:oval:org.mitre.oval:def:19203	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
20822	JVNDB-2013-002397	Oracle Java SE および JavaFX の Java Runtime Environment における 2D の処理に関する脆弱性	Oracle Java SE および JavaFX の Java Runtime Environment (JRE) には、2D に関する処理に不備があるため、機密性、完全性、可用性に影響のある脆弱性が存在します。	CVE-2013-2434	62376	10		http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-002397.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.35 MB
View render complete	2.84 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.79
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	785.46
Event: Controller.beforeRender	5.06
» Processing toolbar data	4.97
Rendering View	16.16
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	15.20
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.53
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/62376
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/62376
Remote Port	9265
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.147
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.70.135
Http Via	1.1 squid-proxy-5b5d847c96-hgfvd (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectdos	1
X Dostranslated Ip	216.73.216.147
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.147
Unique Id	aKX7NfqIracquLDXTz-Y3QAAAfg
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.147
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.147
Redirect Unique Id	aKX7NfqIracquLDXTz-Y3QAAAfg
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.147
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.147
Redirect Redirect Unique Id	aKX7NfqIracquLDXTz-Y3QAAAfg
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1755708214.9104
Request Time	1755708214

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files