Language:
http://www.oracle.com/technetwork/java/eol-135779.html
http://www.zerodayinitiative.com/advisories/ZDI-13-132/
http://www.zerodayinitiative.com/advisories/ZDI-13-151/
http://www.zerodayinitiative.com/advisories/ZDI-13-152/
http://www.zerodayinitiative.com/advisories/ZDI-13-153/
http://www.zerodayinitiative.com/advisories/ZDI-13-154/
http://www.zerodayinitiative.com/advisories/ZDI-13-155/
http://www.zerodayinitiative.com/advisories/ZDI-13-156/
http://www.zerodayinitiative.com/advisories/ZDI-13-157/
http://www.zerodayinitiative.com/advisories/ZDI-13-158/
http://www.zerodayinitiative.com/advisories/ZDI-13-159/
http://www.zerodayinitiative.com/advisories/ZDI-13-160/
https://seclists.org/fulldisclosure/2013/Aug/211
Severity: Critical
ID: 66932
File Name: oracle_java_cpu_jun_2013.nasl
Version: 1.24
Type: local
Agent: windows
Family: Windows
Published: 6/19/2013
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus Agent, Nessus
Risk Factor: Critical
Score: 9.8
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.7
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2013-2473
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 9.4
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
CPE: cpe:/a:oracle:jre, cpe:/a:oracle:jdk
Required KB Items: SMB/Java/JRE/Installed
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 6/18/2013
Vulnerability Publication Date: 6/18/2013
CISA Known Exploited Vulnerability Due Dates: 4/18/2022
Core Impact
Metasploit (Java storeImageArray() Invalid Array Indexing Vulnerability)
CVE: CVE-2013-1500, CVE-2013-1571, CVE-2013-2400, CVE-2013-2407, CVE-2013-2412, CVE-2013-2437, CVE-2013-2442, CVE-2013-2443, CVE-2013-2444, CVE-2013-2445, CVE-2013-2446, CVE-2013-2447, CVE-2013-2448, CVE-2013-2449, CVE-2013-2450, CVE-2013-2451, CVE-2013-2452, CVE-2013-2453, CVE-2013-2454, CVE-2013-2455, CVE-2013-2456, CVE-2013-2457, CVE-2013-2458, CVE-2013-2459, CVE-2013-2460, CVE-2013-2461, CVE-2013-2462, CVE-2013-2463, CVE-2013-2464, CVE-2013-2465, CVE-2013-2466, CVE-2013-2467, CVE-2013-2468, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, CVE-2013-2473, CVE-2013-3743, CVE-2013-3744
BID: 60620, 60621, 60622, 60623, 60624, 60625, 60626, 60627, 60629, 60630, 60631, 60632, 60633, 60634, 60635, 60636, 60637, 60638, 60639, 60640, 60641, 60643, 60644, 60645, 60646, 60617, 60618, 60619, 60647, 60649, 60650, 60651, 60652, 60653, 60654, 60655, 60656, 60657, 60658, 60659
CERT: 225657