CVE-2013-2449

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to GnomeFileTypeDetector and a missing check for read permissions for a path.

Published: Jun 19, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-2449
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
oracle / jre	1.7.0-update9	1.7.0-update9.x
oracle / jre	1.7.0-update15	1.7.0-update15.x
oracle / jre	1.7.0-update6	1.7.0-update6.x
oracle / jre	1.7.0-update3	1.7.0-update3.x
oracle / jre	1.7.0-update13	1.7.0-update13.x
oracle / jre	1.7.0-update10	1.7.0-update10.x
oracle / jre	-	1.7.0.x
oracle / jre	1.7.0-update11	1.7.0-update11.x
oracle / jre	1.7.0-update2	1.7.0-update2.x
oracle / jre	1.7.0-update5	1.7.0-update5.x
oracle / jre	1.7.0-update4	1.7.0-update4.x
oracle / jre	1.7.0	1.7.0.x
oracle / jre	1.7.0-update17	1.7.0-update17.x
oracle / jre	1.7.0-update7	1.7.0-update7.x
oracle / jre	1.7.0-update1	1.7.0-update1.x
oracle / jdk	1.7.0-update6	1.7.0-update6.x
oracle / jdk	1.7.0-update5	1.7.0-update5.x
oracle / jdk	1.7.0-update7	1.7.0-update7.x
oracle / jdk	1.7.0-update2	1.7.0-update2.x
oracle / jdk	1.7.0-update13	1.7.0-update13.x
oracle / jdk	1.7.0-update11	1.7.0-update11.x
oracle / jdk	1.7.0	1.7.0.x
oracle / jdk	1.7.0-update9	1.7.0-update9.x
oracle / jdk	-	1.7.0.x
oracle / jdk	1.7.0-update15	1.7.0-update15.x
oracle / jdk	1.7.0-update3	1.7.0-update3.x
oracle / jdk	1.7.0-update17	1.7.0-update17.x
oracle / jdk	1.7.0-update1	1.7.0-update1.x
oracle / jdk	1.7.0-update10	1.7.0-update10.x
oracle / jdk	1.7.0-update4	1.7.0-update4.x

Vulnerability Database

289,697

CVE-2013-2449