Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier and 6 Update 43 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2435.

Remediation

References

CVE-2013-2440

Related Vulnerabilities

Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-0220)

Magento Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-7903)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16781)

Oracle JRE CVE-2013-2465 Vulnerability (CVE-2013-2465)

Jenkins Improper Authorization Vulnerability (CVE-2021-21693)

Severity

Critical

Classification

CVE-2013-2440

Tags

Missing Update Known Vulnerabilities