What is the severity of CVE-2013-2460?

CVE-2013-2460 has a high severity due to its potential impact on confidentiality, integrity, and availability.

How do I fix CVE-2013-2460?

To fix CVE-2013-2460, update your Java Runtime Environment to the latest version or apply the relevant patches provided by Oracle.

Which software versions are affected by CVE-2013-2460?

CVE-2013-2460 affects Oracle Java SE 7 Update 21 and earlier versions, as well as OpenJDK 7.

Can CVE-2013-2460 be exploited remotely?

Yes, CVE-2013-2460 can be exploited remotely by attackers through unspecified vectors related to Serviceability.

What components are involved in CVE-2013-2460?

CVE-2013-2460 involves the Java Runtime Environment (JRE) component of Oracle Java SE and OpenJDK.

Vulnerability/
CVE-2013-2460

critical

9.3

17/6/2013

18/6/2013

4/2/2021

CVE-2013-2460

First published: Mon Jun 17 2013(Updated: )

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the June 2013 CPU. Oracle has not commented on claims from another vendor that this issue allows remote attackers to bypass the Java sandbox via vectors related to "insufficient access checks" in the tracing component.

Credit: secalert_us@oracle.com

Affected Software	Affected Version	How to fix
Oracle Java Runtime Environment (JRE)	<=1.7.0
Oracle Java Runtime Environment (JRE)	=1.7.0
Oracle Java Runtime Environment (JRE)	=1.7.0-update1
Oracle Java Runtime Environment (JRE)	=1.7.0-update10
Oracle Java Runtime Environment (JRE)	=1.7.0-update11
Oracle Java Runtime Environment (JRE)	=1.7.0-update13
Oracle Java Runtime Environment (JRE)	=1.7.0-update15
Oracle Java Runtime Environment (JRE)	=1.7.0-update17
Oracle Java Runtime Environment (JRE)	=1.7.0-update2
Oracle Java Runtime Environment (JRE)	=1.7.0-update3
Oracle Java Runtime Environment (JRE)	=1.7.0-update4
Oracle Java Runtime Environment (JRE)	=1.7.0-update5
Oracle Java Runtime Environment (JRE)	=1.7.0-update6
Oracle Java Runtime Environment (JRE)	=1.7.0-update7
Oracle Java Runtime Environment (JRE)	=1.7.0-update9
Oracle JDK 6	<=1.7.0
Oracle JDK 6	=1.7.0
Oracle JDK 6	=1.7.0-update1
Oracle JDK 6	=1.7.0-update10
Oracle JDK 6	=1.7.0-update11
Oracle JDK 6	=1.7.0-update13
Oracle JDK 6	=1.7.0-update15
Oracle JDK 6	=1.7.0-update17
Oracle JDK 6	=1.7.0-update2
Oracle JDK 6	=1.7.0-update3
Oracle JDK 6	=1.7.0-update4
Oracle JDK 6	=1.7.0-update5
Oracle JDK 6	=1.7.0-update6
Oracle JDK 6	=1.7.0-update7
Oracle JDK 6	=1.7.0-update9

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2013-2460?
CVE-2013-2460 has a high severity due to its potential impact on confidentiality, integrity, and availability.
How do I fix CVE-2013-2460?
To fix CVE-2013-2460, update your Java Runtime Environment to the latest version or apply the relevant patches provided by Oracle.
Which software versions are affected by CVE-2013-2460?
CVE-2013-2460 affects Oracle Java SE 7 Update 21 and earlier versions, as well as OpenJDK 7.
Can CVE-2013-2460 be exploited remotely?
Yes, CVE-2013-2460 can be exploited remotely by attackers through unspecified vectors related to Serviceability.
What components are involved in CVE-2013-2460?
CVE-2013-2460 involves the Java Runtime Environment (JRE) component of Oracle Java SE and OpenJDK.

collector/redhat-bugzilla
alias/CVE-2013-2460
agent/type
agent/last-modified-date
agent/first-publish-date
agent/references
agent/severity
agent/author
agent/softwarecombine
agent/tags
agent/description
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
vendor/oracle
canonical/oracle java runtime environment (jre)
version/oracle java runtime environment (jre)/1.7.0
version/oracle java runtime environment (jre)/1.7.0-update1
version/oracle java runtime environment (jre)/1.7.0-update10
version/oracle java runtime environment (jre)/1.7.0-update11
version/oracle java runtime environment (jre)/1.7.0-update13
version/oracle java runtime environment (jre)/1.7.0-update15
version/oracle java runtime environment (jre)/1.7.0-update17
version/oracle java runtime environment (jre)/1.7.0-update2
version/oracle java runtime environment (jre)/1.7.0-update3
version/oracle java runtime environment (jre)/1.7.0-update4
version/oracle java runtime environment (jre)/1.7.0-update5
version/oracle java runtime environment (jre)/1.7.0-update6
version/oracle java runtime environment (jre)/1.7.0-update7
version/oracle java runtime environment (jre)/1.7.0-update9
canonical/oracle jdk 6
version/oracle jdk 6/1.7.0
version/oracle jdk 6/1.7.0-update1
version/oracle jdk 6/1.7.0-update10
version/oracle jdk 6/1.7.0-update11
version/oracle jdk 6/1.7.0-update13
version/oracle jdk 6/1.7.0-update15
version/oracle jdk 6/1.7.0-update17
version/oracle jdk 6/1.7.0-update2
version/oracle jdk 6/1.7.0-update3
version/oracle jdk 6/1.7.0-update4
version/oracle jdk 6/1.7.0-update5
version/oracle jdk 6/1.7.0-update6
version/oracle jdk 6/1.7.0-update7
version/oracle jdk 6/1.7.0-update9