CVE-2013-5804
First published: Tue Oct 15 2013(Updated: )
It was discovered that javac did not properly ignore certain ignorable characters. An attacker could influence the integrity and confidentiality of a system by providing specially crafted input, which is then used by javadoc to generate API documentation. Upstream reports that this issue is relevant to uses where javadoc is used to generate documentation for an untrusted source code and have it hosted on a domain not controlled by the author of the source code (the attacker).
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle JRE | <=1.7.0 | |
| Oracle JRE | =1.7.0 | |
| Oracle JRE | =1.7.0-update1 | |
| Oracle JRE | =1.7.0-update10 | |
| Oracle JRE | =1.7.0-update11 | |
| Oracle JRE | =1.7.0-update13 | |
| Oracle JRE | =1.7.0-update15 | |
| Oracle JRE | =1.7.0-update17 | |
| Oracle JRE | =1.7.0-update2 | |
| Oracle JRE | =1.7.0-update21 | |
| Oracle JRE | =1.7.0-update25 | |
| Oracle JRE | =1.7.0-update3 | |
| Oracle JRE | =1.7.0-update4 | |
| Oracle JRE | =1.7.0-update5 | |
| Oracle JRE | =1.7.0-update6 | |
| Oracle JRE | =1.7.0-update7 | |
| Oracle JRE | =1.7.0-update9 | |
| Oracle JRE | <=1.6.0 | |
| Oracle JRE | =1.6.0-update22 | |
| Oracle JRE | =1.6.0-update23 | |
| Oracle JRE | =1.6.0-update24 | |
| Oracle JRE | =1.6.0-update25 | |
| Oracle JRE | =1.6.0-update26 | |
| Oracle JRE | =1.6.0-update27 | |
| Oracle JRE | =1.6.0-update29 | |
| Oracle JRE | =1.6.0-update30 | |
| Oracle JRE | =1.6.0-update31 | |
| Oracle JRE | =1.6.0-update32 | |
| Oracle JRE | =1.6.0-update33 | |
| Oracle JRE | =1.6.0-update34 | |
| Oracle JRE | =1.6.0-update35 | |
| Oracle JRE | =1.6.0-update37 | |
| Oracle JRE | =1.6.0-update38 | |
| Oracle JRE | =1.6.0-update39 | |
| Oracle JRE | =1.6.0-update41 | |
| Oracle JRE | =1.6.0-update43 | |
| Oracle JRE | =1.6.0-update45 | |
| Oracle JRE | =1.6.0-update51 | |
| Sun JRE | =1.6.0 | |
| Sun JRE | =1.6.0-update_1 | |
| Sun JRE | =1.6.0-update_10 | |
| Sun JRE | =1.6.0-update_11 | |
| Sun JRE | =1.6.0-update_12 | |
| Sun JRE | =1.6.0-update_13 | |
| Sun JRE | =1.6.0-update_14 | |
| Sun JRE | =1.6.0-update_15 | |
| Sun JRE | =1.6.0-update_16 | |
| Sun JRE | =1.6.0-update_17 | |
| Sun JRE | =1.6.0-update_18 | |
| Sun JRE | =1.6.0-update_19 | |
| Sun JRE | =1.6.0-update_2 | |
| Sun JRE | =1.6.0-update_20 | |
| Sun JRE | =1.6.0-update_21 | |
| Sun JRE | =1.6.0-update_3 | |
| Sun JRE | =1.6.0-update_4 | |
| Sun JRE | =1.6.0-update_5 | |
| Sun JRE | =1.6.0-update_6 | |
| Sun JRE | =1.6.0-update_7 | |
| Sun JRE | =1.6.0-update_9 | |
| Oracle JRockit | <=r28.2.8 | |
| Oracle JRockit | =r28.0.0 | |
| Oracle JRockit | =r28.0.1 | |
| Oracle JRockit | =r28.0.2 | |
| Oracle JRockit | =r28.1.0 | |
| Oracle JRockit | =r28.1.1 | |
| Oracle JRockit | =r28.1.3 | |
| Oracle JRockit | =r28.1.4 | |
| Oracle JRockit | =r28.1.5 | |
| Oracle JRockit | =r28.2.2 | |
| Oracle JRockit | =r28.2.3 | |
| Oracle JRockit | =r28.2.4 | |
| Oracle JRockit | =r28.2.5 | |
| Oracle JRockit | =r28.2.6 | |
| Oracle JDK | <=1.5.0 | |
| Oracle JDK | =1.5.0-update36 | |
| Oracle JDK | =1.5.0-update38 | |
| Oracle JDK | =1.5.0-update40 | |
| Oracle JDK | =1.5.0-update41 | |
| Oracle JDK | =1.5.0-update45 | |
| Sun JDK | =1.5.0 | |
| Sun JDK | =1.5.0-update1 | |
| Sun JDK | =1.5.0-update10 | |
| Sun JDK | =1.5.0-update11 | |
| Sun JDK | =1.5.0-update11_b03 | |
| Sun JDK | =1.5.0-update12 | |
| Sun JDK | =1.5.0-update13 | |
| Sun JDK | =1.5.0-update14 | |
| Sun JDK | =1.5.0-update15 | |
| Sun JDK | =1.5.0-update16 | |
| Sun JDK | =1.5.0-update17 | |
| Sun JDK | =1.5.0-update18 | |
| Sun JDK | =1.5.0-update19 | |
| Sun JDK | =1.5.0-update2 | |
| Sun JDK | =1.5.0-update20 | |
| Sun JDK | =1.5.0-update21 | |
| Sun JDK | =1.5.0-update22 | |
| Sun JDK | =1.5.0-update23 | |
| Sun JDK | =1.5.0-update24 | |
| Sun JDK | =1.5.0-update25 | |
| Sun JDK | =1.5.0-update26 | |
| Sun JDK | =1.5.0-update27 | |
| Sun JDK | =1.5.0-update28 | |
| Sun JDK | =1.5.0-update29 | |
| Sun JDK | =1.5.0-update3 | |
| Sun JDK | =1.5.0-update31 | |
| Sun JDK | =1.5.0-update33 | |
| Sun JDK | =1.5.0-update4 | |
| Sun JDK | =1.5.0-update5 | |
| Sun JDK | =1.5.0-update6 | |
| Sun JDK | =1.5.0-update7 | |
| Sun JDK | =1.5.0-update7_b03 | |
| Sun JDK | =1.5.0-update8 | |
| Sun JDK | =1.5.0-update9 | |
| Oracle JDK | <=1.6.0 | |
| Oracle JDK | =1.6.0-update22 | |
| Oracle JDK | =1.6.0-update23 | |
| Oracle JDK | =1.6.0-update24 | |
| Oracle JDK | =1.6.0-update25 | |
| Oracle JDK | =1.6.0-update26 | |
| Oracle JDK | =1.6.0-update27 | |
| Oracle JDK | =1.6.0-update29 | |
| Oracle JDK | =1.6.0-update30 | |
| Oracle JDK | =1.6.0-update31 | |
| Oracle JDK | =1.6.0-update32 | |
| Oracle JDK | =1.6.0-update33 | |
| Oracle JDK | =1.6.0-update34 | |
| Oracle JDK | =1.6.0-update35 | |
| Oracle JDK | =1.6.0-update37 | |
| Oracle JDK | =1.6.0-update38 | |
| Oracle JDK | =1.6.0-update39 | |
| Oracle JDK | =1.6.0-update41 | |
| Oracle JDK | =1.6.0-update43 | |
| Oracle JDK | =1.6.0-update45 | |
| Oracle JDK | =1.6.0-update51 | |
| Sun JDK | =1.6.0 | |
| Sun JDK | =1.6.0-update_10 | |
| Sun JDK | =1.6.0-update_11 | |
| Sun JDK | =1.6.0-update_12 | |
| Sun JDK | =1.6.0-update_13 | |
| Sun JDK | =1.6.0-update_14 | |
| Sun JDK | =1.6.0-update_15 | |
| Sun JDK | =1.6.0-update_16 | |
| Sun JDK | =1.6.0-update_17 | |
| Sun JDK | =1.6.0-update_18 | |
| Sun JDK | =1.6.0-update_19 | |
| Sun JDK | =1.6.0-update_20 | |
| Sun JDK | =1.6.0-update_21 | |
| Sun JDK | =1.6.0-update_3 | |
| Sun JDK | =1.6.0-update_4 | |
| Sun JDK | =1.6.0-update_5 | |
| Sun JDK | =1.6.0-update_6 | |
| Sun JDK | =1.6.0-update_7 | |
| Sun JDK | =1.6.0-update1 | |
| Sun JDK | =1.6.0-update1_b06 | |
| Sun JDK | =1.6.0-update2 | |
| Oracle JRE | <=1.5.0 | |
| Oracle JRE | =1.5.0-update36 | |
| Oracle JRE | =1.5.0-update38 | |
| Oracle JRE | =1.5.0-update40 | |
| Oracle JRE | =1.5.0-update41 | |
| Oracle JRE | =1.5.0-update45 | |
| Sun JRE | =1.5.0 | |
| Sun JRE | =1.5.0-update1 | |
| Sun JRE | =1.5.0-update10 | |
| Sun JRE | =1.5.0-update11 | |
| Sun JRE | =1.5.0-update12 | |
| Sun JRE | =1.5.0-update13 | |
| Sun JRE | =1.5.0-update14 | |
| Sun JRE | =1.5.0-update15 | |
| Sun JRE | =1.5.0-update16 | |
| Sun JRE | =1.5.0-update17 | |
| Sun JRE | =1.5.0-update18 | |
| Sun JRE | =1.5.0-update19 | |
| Sun JRE | =1.5.0-update2 | |
| Sun JRE | =1.5.0-update20 | |
| Sun JRE | =1.5.0-update21 | |
| Sun JRE | =1.5.0-update22 | |
| Sun JRE | =1.5.0-update23 | |
| Sun JRE | =1.5.0-update24 | |
| Sun JRE | =1.5.0-update25 | |
| Sun JRE | =1.5.0-update26 | |
| Sun JRE | =1.5.0-update27 | |
| Sun JRE | =1.5.0-update28 | |
| Sun JRE | =1.5.0-update29 | |
| Sun JRE | =1.5.0-update3 | |
| Sun JRE | =1.5.0-update31 | |
| Sun JRE | =1.5.0-update33 | |
| Sun JRE | =1.5.0-update4 | |
| Sun JRE | =1.5.0-update5 | |
| Sun JRE | =1.5.0-update6 | |
| Sun JRE | =1.5.0-update7 | |
| Sun JRE | =1.5.0-update8 | |
| Sun JRE | =1.5.0-update9 | |
| Oracle JRockit | <=r27.7.6 | |
| Oracle JRockit | =r27.7.1 | |
| Oracle JRockit | =r27.7.2 | |
| Oracle JRockit | =r27.7.3 | |
| Oracle JRockit | =r27.7.4 | |
| Oracle JRockit | =r27.7.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html
- http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html
- http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html
- http://marc.info/?l=bugtraq&m=138674031212883&w=2
- http://marc.info/?l=bugtraq&m=138674073720143&w=2
- http://rhn.redhat.com/errata/RHSA-2013-1440.html
- http://rhn.redhat.com/errata/RHSA-2013-1447.html
- http://rhn.redhat.com/errata/RHSA-2013-1451.html
- http://rhn.redhat.com/errata/RHSA-2013-1505.html
- http://rhn.redhat.com/errata/RHSA-2013-1507.html
- http://rhn.redhat.com/errata/RHSA-2013-1508.html
- http://rhn.redhat.com/errata/RHSA-2013-1509.html
- http://rhn.redhat.com/errata/RHSA-2013-1793.html
- http://security.gentoo.org/glsa/glsa-201406-32.xml
- http://support.apple.com/kb/HT5982
- http://www-01.ibm.com/support/docview.wss?uid=swg21655201
- http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
- http://www.securityfocus.com/bid/63149
- http://www.ubuntu.com/usn/USN-2033-1
- http://www.ubuntu.com/usn/USN-2089-1
- https://access.redhat.com/errata/RHSA-2014:0414
- https://bugzilla.redhat.com/show_bug.cgi?id=1019131
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19188
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1019131#c0
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1018720
- http://hg.openjdk.java.net/jdk7u/jdk7u/langtools/rev/61d5b73ae0ac
- https://rhn.redhat.com/errata/RHSA-2013-1440.html
- https://rhn.redhat.com/errata/RHSA-2013-1447.html
- https://rhn.redhat.com/errata/RHSA-2013-1451.html
- https://rhn.redhat.com/errata/RHSA-2013-1505.html
- https://rhn.redhat.com/errata/RHSA-2013-1509.html
- https://rhn.redhat.com/errata/RHSA-2013-1508.html
- https://rhn.redhat.com/errata/RHSA-2013-1507.html
- https://rhn.redhat.com/errata/RHSA-2013-1793.html
- http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-October/025087.html
- http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-November/025278.html
- http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2013-November/025328.html
- https://rhn.redhat.com/errata/RHSA-2014-0414.html
- collector/nvd-index
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-5804
- agent/software-canonical-lookup
- agent/severity
- agent/author
- agent/references
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/oracle
- canonical/oracle jre
- version/oracle jre/1.7.0
- version/oracle jre/1.7.0-update1
- version/oracle jre/1.7.0-update10
- version/oracle jre/1.7.0-update11
- version/oracle jre/1.7.0-update13
- version/oracle jre/1.7.0-update15
- version/oracle jre/1.7.0-update17
- version/oracle jre/1.7.0-update2
- version/oracle jre/1.7.0-update21
- version/oracle jre/1.7.0-update25
- version/oracle jre/1.7.0-update3
- version/oracle jre/1.7.0-update4
- version/oracle jre/1.7.0-update5
- version/oracle jre/1.7.0-update6
- version/oracle jre/1.7.0-update7
- version/oracle jre/1.7.0-update9
- version/oracle jre/1.6.0
- version/oracle jre/1.6.0-update22
- version/oracle jre/1.6.0-update23
- version/oracle jre/1.6.0-update24
- version/oracle jre/1.6.0-update25
- version/oracle jre/1.6.0-update26
- version/oracle jre/1.6.0-update27
- version/oracle jre/1.6.0-update29
- version/oracle jre/1.6.0-update30
- version/oracle jre/1.6.0-update31
- version/oracle jre/1.6.0-update32
- version/oracle jre/1.6.0-update33
- version/oracle jre/1.6.0-update34
- version/oracle jre/1.6.0-update35
- version/oracle jre/1.6.0-update37
- version/oracle jre/1.6.0-update38
- version/oracle jre/1.6.0-update39
- version/oracle jre/1.6.0-update41
- version/oracle jre/1.6.0-update43
- version/oracle jre/1.6.0-update45
- version/oracle jre/1.6.0-update51
- vendor/sun
- canonical/sun jre
- version/sun jre/1.6.0
- version/sun jre/1.6.0-update_1
- version/sun jre/1.6.0-update_10
- version/sun jre/1.6.0-update_11
- version/sun jre/1.6.0-update_12
- version/sun jre/1.6.0-update_13
- version/sun jre/1.6.0-update_14
- version/sun jre/1.6.0-update_15
- version/sun jre/1.6.0-update_16
- version/sun jre/1.6.0-update_17
- version/sun jre/1.6.0-update_18
- version/sun jre/1.6.0-update_19
- version/sun jre/1.6.0-update_2
- version/sun jre/1.6.0-update_20
- version/sun jre/1.6.0-update_21
- version/sun jre/1.6.0-update_3
- version/sun jre/1.6.0-update_4
- version/sun jre/1.6.0-update_5
- version/sun jre/1.6.0-update_6
- version/sun jre/1.6.0-update_7
- version/sun jre/1.6.0-update_9
- canonical/oracle jrockit
- version/oracle jrockit/r28.2.8
- version/oracle jrockit/r28.0.0
- version/oracle jrockit/r28.0.1
- version/oracle jrockit/r28.0.2
- version/oracle jrockit/r28.1.0
- version/oracle jrockit/r28.1.1
- version/oracle jrockit/r28.1.3
- version/oracle jrockit/r28.1.4
- version/oracle jrockit/r28.1.5
- version/oracle jrockit/r28.2.2
- version/oracle jrockit/r28.2.3
- version/oracle jrockit/r28.2.4
- version/oracle jrockit/r28.2.5
- version/oracle jrockit/r28.2.6
- canonical/oracle jdk
- version/oracle jdk/1.5.0
- version/oracle jdk/1.5.0-update36
- version/oracle jdk/1.5.0-update38
- version/oracle jdk/1.5.0-update40
- version/oracle jdk/1.5.0-update41
- version/oracle jdk/1.5.0-update45
- canonical/sun jdk
- version/sun jdk/1.5.0
- version/sun jdk/1.5.0-update1
- version/sun jdk/1.5.0-update10
- version/sun jdk/1.5.0-update11
- version/sun jdk/1.5.0-update11_b03
- version/sun jdk/1.5.0-update12
- version/sun jdk/1.5.0-update13
- version/sun jdk/1.5.0-update14
- version/sun jdk/1.5.0-update15
- version/sun jdk/1.5.0-update16
- version/sun jdk/1.5.0-update17
- version/sun jdk/1.5.0-update18
- version/sun jdk/1.5.0-update19
- version/sun jdk/1.5.0-update2
- version/sun jdk/1.5.0-update20
- version/sun jdk/1.5.0-update21
- version/sun jdk/1.5.0-update22
- version/sun jdk/1.5.0-update23
- version/sun jdk/1.5.0-update24
- version/sun jdk/1.5.0-update25
- version/sun jdk/1.5.0-update26
- version/sun jdk/1.5.0-update27
- version/sun jdk/1.5.0-update28
- version/sun jdk/1.5.0-update29
- version/sun jdk/1.5.0-update3
- version/sun jdk/1.5.0-update31
- version/sun jdk/1.5.0-update33
- version/sun jdk/1.5.0-update4
- version/sun jdk/1.5.0-update5
- version/sun jdk/1.5.0-update6
- version/sun jdk/1.5.0-update7
- version/sun jdk/1.5.0-update7_b03
- version/sun jdk/1.5.0-update8
- version/sun jdk/1.5.0-update9
- version/oracle jdk/1.6.0
- version/oracle jdk/1.6.0-update22
- version/oracle jdk/1.6.0-update23
- version/oracle jdk/1.6.0-update24
- version/oracle jdk/1.6.0-update25
- version/oracle jdk/1.6.0-update26
- version/oracle jdk/1.6.0-update27
- version/oracle jdk/1.6.0-update29
- version/oracle jdk/1.6.0-update30
- version/oracle jdk/1.6.0-update31
- version/oracle jdk/1.6.0-update32
- version/oracle jdk/1.6.0-update33
- version/oracle jdk/1.6.0-update34
- version/oracle jdk/1.6.0-update35
- version/oracle jdk/1.6.0-update37
- version/oracle jdk/1.6.0-update38
- version/oracle jdk/1.6.0-update39
- version/oracle jdk/1.6.0-update41
- version/oracle jdk/1.6.0-update43
- version/oracle jdk/1.6.0-update45
- version/oracle jdk/1.6.0-update51
- version/sun jdk/1.6.0
- version/sun jdk/1.6.0-update_10
- version/sun jdk/1.6.0-update_11
- version/sun jdk/1.6.0-update_12
- version/sun jdk/1.6.0-update_13
- version/sun jdk/1.6.0-update_14
- version/sun jdk/1.6.0-update_15
- version/sun jdk/1.6.0-update_16
- version/sun jdk/1.6.0-update_17
- version/sun jdk/1.6.0-update_18
- version/sun jdk/1.6.0-update_19
- version/sun jdk/1.6.0-update_20
- version/sun jdk/1.6.0-update_21
- version/sun jdk/1.6.0-update_3
- version/sun jdk/1.6.0-update_4
- version/sun jdk/1.6.0-update_5
- version/sun jdk/1.6.0-update_6
- version/sun jdk/1.6.0-update_7
- version/sun jdk/1.6.0-update1
- version/sun jdk/1.6.0-update1_b06
- version/sun jdk/1.6.0-update2
- version/oracle jre/1.5.0
- version/oracle jre/1.5.0-update36
- version/oracle jre/1.5.0-update38
- version/oracle jre/1.5.0-update40
- version/oracle jre/1.5.0-update41
- version/oracle jre/1.5.0-update45
- version/sun jre/1.5.0
- version/sun jre/1.5.0-update1
- version/sun jre/1.5.0-update10
- version/sun jre/1.5.0-update11
- version/sun jre/1.5.0-update12
- version/sun jre/1.5.0-update13
- version/sun jre/1.5.0-update14
- version/sun jre/1.5.0-update15
- version/sun jre/1.5.0-update16
- version/sun jre/1.5.0-update17
- version/sun jre/1.5.0-update18
- version/sun jre/1.5.0-update19
- version/sun jre/1.5.0-update2
- version/sun jre/1.5.0-update20
- version/sun jre/1.5.0-update21
- version/sun jre/1.5.0-update22
- version/sun jre/1.5.0-update23
- version/sun jre/1.5.0-update24
- version/sun jre/1.5.0-update25
- version/sun jre/1.5.0-update26
- version/sun jre/1.5.0-update27
- version/sun jre/1.5.0-update28
- version/sun jre/1.5.0-update29
- version/sun jre/1.5.0-update3
- version/sun jre/1.5.0-update31
- version/sun jre/1.5.0-update33
- version/sun jre/1.5.0-update4
- version/sun jre/1.5.0-update5
- version/sun jre/1.5.0-update6
- version/sun jre/1.5.0-update7
- version/sun jre/1.5.0-update8
- version/sun jre/1.5.0-update9
- version/oracle jrockit/r27.7.6
- version/oracle jrockit/r27.7.1
- version/oracle jrockit/r27.7.2
- version/oracle jrockit/r27.7.3
- version/oracle jrockit/r27.7.4
- version/oracle jrockit/r27.7.5
- package-manager/redhat