NVD

Id
37681  
Name
CVE-2013-1489  
Description
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and execute unsigned Java code without prompting the user via unknown vectors, aka "Issue 53" and the "Java Security Slider" vulnerability.  
Reject
 
CVSS Version
2  
CVSS Score
10  
Severity
High  
CVSS Base Score
10  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-18  
Published
2013-01-31  
Modified Date
2013-12-05  
Seq
2013-1489  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
191797 37681 CVE-2013-1489 http://blogs.computerworld.com/malware-and-vulnerabilities/21693/yet-another-java-security-flaw-discovered-number-53  View
191798 37681 CVE-2013-1489 HPSBUX02857  View
191799 37681 CVE-2013-1489 HPSBMU02874  View
191800 37681 CVE-2013-1489 oval:org.mitre.oval:def:15906  View
191801 37681 CVE-2013-1489 oval:org.mitre.oval:def:19171  View
191802 37681 CVE-2013-1489 RHSA-2013:0237  View
191803 37681 CVE-2013-1489 20130127 [SE-2012-01] An issue with new Java SE 7 security features  View
191804 37681 CVE-2013-1489 http://thenextweb.com/insider/2013/01/28/new-vulnerability-bypasses-oracles-attempt-to-stop-malware-drive-by-downloads-via-java-applets/  View
191805 37681 CVE-2013-1489 http://www.informationweek.com/security/application-security/java-security-work-remains-bug-hunter-sa/240147150  View
191806 37681 CVE-2013-1489 VU#858729  View
191807 37681 CVE-2013-1489 http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html  View
191808 37681 CVE-2013-1489 http://www.scmagazine.com.au/News/330453,java-still-unsafe-new-flaws-discovered.aspx  View
191809 37681 CVE-2013-1489 TA13-032A  View
191810 37681 CVE-2013-1489 http://www.zdnet.com/java-update-doesnt-prevent-silent-exploits-at-all-7000010422/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
19771 JVNDB-2013-001346 Oracle Java SE の Java Runtime Environment におけるセキュリティ・レベルを回避される脆弱性 Oracle Java SE の Java Runtime Environment (JRE) は、Windows 上で稼働する Internet Explorer、Firefox、Opera、および Google Chrome で使用される場合、Java コントロール・パネルのセキュリティ・レベル「非常に高」を回避され、警告メッセージが表示されることなく、無署名の Java コードを実行される脆弱性が存在します。 CVE-2013-1489 61431 CVE-2013-1489 37681 10 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001346.html 2013-02-01 2013-06-17 View