Unspecified vulnerability in Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, and Java SE Embedded 7u40 and earlier allows remote attackers to affect confidentiality via vectors related to BEANS.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Jre | Oracle | * | 1.5.0 (including) |
| Jre | Oracle | 1.5.0-update36 (including) | 1.5.0-update36 (including) |
| Jre | Oracle | 1.5.0-update38 (including) | 1.5.0-update38 (including) |
| Jre | Oracle | 1.5.0-update40 (including) | 1.5.0-update40 (including) |
| Jre | Oracle | 1.5.0-update41 (including) | 1.5.0-update41 (including) |
| Jre | Oracle | 1.5.0-update45 (including) | 1.5.0-update45 (including) |
| Jre | Sun | 1.5.0 (including) | 1.5.0 (including) |
| Jre | Sun | 1.5.0-update1 (including) | 1.5.0-update1 (including) |
| Jre | Sun | 1.5.0-update10 (including) | 1.5.0-update10 (including) |
| Jre | Sun | 1.5.0-update11 (including) | 1.5.0-update11 (including) |
| Jre | Sun | 1.5.0-update12 (including) | 1.5.0-update12 (including) |
| Jre | Sun | 1.5.0-update13 (including) | 1.5.0-update13 (including) |
| Jre | Sun | 1.5.0-update14 (including) | 1.5.0-update14 (including) |
| Jre | Sun | 1.5.0-update15 (including) | 1.5.0-update15 (including) |
| Jre | Sun | 1.5.0-update16 (including) | 1.5.0-update16 (including) |
| Jre | Sun | 1.5.0-update17 (including) | 1.5.0-update17 (including) |
| Jre | Sun | 1.5.0-update18 (including) | 1.5.0-update18 (including) |
| Jre | Sun | 1.5.0-update19 (including) | 1.5.0-update19 (including) |
| Jre | Sun | 1.5.0-update2 (including) | 1.5.0-update2 (including) |
| Jre | Sun | 1.5.0-update20 (including) | 1.5.0-update20 (including) |
| Jre | Sun | 1.5.0-update21 (including) | 1.5.0-update21 (including) |
| Jre | Sun | 1.5.0-update22 (including) | 1.5.0-update22 (including) |
| Jre | Sun | 1.5.0-update23 (including) | 1.5.0-update23 (including) |
| Jre | Sun | 1.5.0-update24 (including) | 1.5.0-update24 (including) |
| Jre | Sun | 1.5.0-update25 (including) | 1.5.0-update25 (including) |
| Jre | Sun | 1.5.0-update26 (including) | 1.5.0-update26 (including) |
| Jre | Sun | 1.5.0-update27 (including) | 1.5.0-update27 (including) |
| Jre | Sun | 1.5.0-update28 (including) | 1.5.0-update28 (including) |
| Jre | Sun | 1.5.0-update29 (including) | 1.5.0-update29 (including) |
| Jre | Sun | 1.5.0-update3 (including) | 1.5.0-update3 (including) |
| Jre | Sun | 1.5.0-update31 (including) | 1.5.0-update31 (including) |
| Jre | Sun | 1.5.0-update33 (including) | 1.5.0-update33 (including) |
| Jre | Sun | 1.5.0-update4 (including) | 1.5.0-update4 (including) |
| Jre | Sun | 1.5.0-update5 (including) | 1.5.0-update5 (including) |
| Jre | Sun | 1.5.0-update6 (including) | 1.5.0-update6 (including) |
| Jre | Sun | 1.5.0-update7 (including) | 1.5.0-update7 (including) |
| Jre | Sun | 1.5.0-update8 (including) | 1.5.0-update8 (including) |
| Jre | Sun | 1.5.0-update9 (including) | 1.5.0-update9 (including) |
| Oracle Java for Red Hat Enterprise Linux 5 | RedHat | java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10 | * |
| Oracle Java for Red Hat Enterprise Linux 6 | RedHat | java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5 | * |
| Red Hat Enterprise Linux 5 | RedHat | java-1.7.0-openjdk-1:1.7.0.45-2.4.3.1.el5_10 | * |
| Red Hat Enterprise Linux 5 | RedHat | java-1.6.0-openjdk-1:1.6.0.0-1.42.1.11.14.el5_10 | * |
| Red Hat Enterprise Linux 6 | RedHat | java-1.7.0-openjdk-1:1.7.0.45-2.4.3.2.el6_4 | * |
| Red Hat Enterprise Linux 6 | RedHat | java-1.6.0-openjdk-1:1.6.0.0-1.65.1.11.14.el6_4 | * |
| Supplementary for Red Hat Enterprise Linux 5 | RedHat | java-1.7.0-oracle-1:1.7.0.45-1jpp.1.el5_10 | * |
| Supplementary for Red Hat Enterprise Linux 5 | RedHat | java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el5_10 | * |
| Supplementary for Red Hat Enterprise Linux 5 | RedHat | java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el5_10 | * |
| Supplementary for Red Hat Enterprise Linux 6 | RedHat | java-1.7.0-oracle-1:1.7.0.45-1jpp.2.el6_4 | * |
| Supplementary for Red Hat Enterprise Linux 6 | RedHat | java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4 | * |
| Supplementary for Red Hat Enterprise Linux 6 | RedHat | java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4 | * |
| Openjdk-6 | Ubuntu | devel | * |
| Openjdk-6 | Ubuntu | lucid | * |
| Openjdk-6 | Ubuntu | precise | * |
| Openjdk-6 | Ubuntu | quantal | * |
| Openjdk-6 | Ubuntu | raring | * |
| Openjdk-6 | Ubuntu | saucy | * |
| Openjdk-6 | Ubuntu | upstream | * |
| Openjdk-7 | Ubuntu | precise | * |
| Openjdk-7 | Ubuntu | quantal | * |
| Openjdk-7 | Ubuntu | raring | * |
| Openjdk-7 | Ubuntu | saucy | * |
| Openjdk-7 | Ubuntu | upstream | * |
References
- http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html
- http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html
- http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2
- http://rhn.redhat.com/errata/RHSA-2013-1440.html
- http://rhn.redhat.com/errata/RHSA-2013-1447.html
- http://rhn.redhat.com/errata/RHSA-2013-1451.html
- http://rhn.redhat.com/errata/RHSA-2013-1505.html
- http://rhn.redhat.com/errata/RHSA-2013-1507.html
- http://rhn.redhat.com/errata/RHSA-2013-1509.html
- http://secunia.com/advisories/56338
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- http://support.apple.com/kb/HT5982
- http://www-01.ibm.com/support/docview.wss?uid=swg21655201
- http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
- http://www.securityfocus.com/bid/63102
- http://www.ubuntu.com/usn/USN-2033-1
- http://www.ubuntu.com/usn/USN-2089-1
- https://access.redhat.com/errata/RHSA-2014:0414
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18733
- http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html
- http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html
- http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2
- http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2
- http://rhn.redhat.com/errata/RHSA-2013-1440.html
- http://rhn.redhat.com/errata/RHSA-2013-1447.html
- http://rhn.redhat.com/errata/RHSA-2013-1451.html
- http://rhn.redhat.com/errata/RHSA-2013-1505.html
- http://rhn.redhat.com/errata/RHSA-2013-1507.html
- http://rhn.redhat.com/errata/RHSA-2013-1509.html
- http://secunia.com/advisories/56338
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- http://support.apple.com/kb/HT5982
- http://www-01.ibm.com/support/docview.wss?uid=swg21655201
- http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
- http://www.securityfocus.com/bid/63102
- http://www.ubuntu.com/usn/USN-2033-1
- http://www.ubuntu.com/usn/USN-2089-1
- https://access.redhat.com/errata/RHSA-2014:0414
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18733