製品・ソフトウェアに関する情報

JVN脆弱性詳細

Oracle Java SE の Java Runtime Environment における JAX-WS の処理に関する脆弱性

Title	Oracle Java SE の Java Runtime Environment における JAX-WS の処理に関する脆弱性
Summary	Oracle Java SE の Java Runtime Environment (JRE) には、JAX-WS に関する処理に不備があるため、機密性に影響のある脆弱性が存在します。
Possible impacts	第三者により、情報を取得される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Feb. 1, 2013, midnight
Registration Date	Feb. 5, 2013, 4:23 p.m.
Last Update	March 18, 2015, 4:25 p.m.

CVSS2.0 : 警告
Score	5
Vector	AV:N/AC:L/Au:N/C:P/I:N/A:N

Affected System

サン・マイクロシステムズ

JDK 6 Update 21 およびそれ以前

JRE 6 Update 21 およびそれ以前

オラクル

JDK 6 Update 38 およびそれ以前

JDK 7 Update 11 およびそれ以前

JRE 6 Update 38 およびそれ以前

JRE 7 Update 11 およびそれ以前

アップル

Apple Mac OS X v10.6.8

Apple Mac OS X v10.7 およびそれ以降

Apple Mac OS X v10.8 およびそれ以降

Apple Mac OS X Server v10.6.8

Apple Mac OS X Server v10.7 およびそれ以降

日立

Cosminexus Application Server Enterprise Version 6

Cosminexus Application Server Standard Version 6

Cosminexus Application Server Version 5

Cosminexus Client Version 6

Cosminexus Developer Light Version 6

Cosminexus Developer Professional Version 6

Cosminexus Developer Standard Version 6

Cosminexus Developer Version 5

Cosminexus Developer's Kit for Java(TM)

Cosminexus Primary Server Base

Cosminexus Server - Standard Edition Version 4

Cosminexus Server - Web Edition Version 4

Cosminexus Studio - Standard Edition Version 4

Cosminexus Studio - Web Edition Version 4

Cosminexus Studio Version 5

uCosminexus Application Server -R

uCosminexus Application Server Express

uCosminexus Application Server Light

uCosminexus Application Server Standard-R

uCosminexus Application Server Enterprise

uCosminexus Application Server Smart Edition

uCosminexus Application Server Standard

uCosminexus Client

uCosminexus Client for Plug-in

uCosminexus Developer 01

uCosminexus Developer Professional

uCosminexus Developer Professional for Plug-in

uCosminexus Developer Light

uCosminexus Developer Standard

uCosminexus Operator

uCosminexus Primary Server Base

uCosminexus Server Standard-R

uCosminexus Service Architect

uCosminexus Service Platform

uCosminexus Service Platform - Messaging

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2013-0435	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0435
National Vulnerability Database (NVD)
2	CVE-2013-0435	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0435

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	Name	URL
Apple Security Updates
1	HT5647	http://support.apple.com/kb/HT5647
2	HT5666	http://support.apple.com/kb/HT5666
Apple セキュリティアップデート
3	HT5647	http://support.apple.com/kb/HT5647?viewlocale=ja_JP
4	HT5666	http://support.apple.com/kb/HT5666?viewlocale=ja_JP
Hitachi Software Vulnerability Information
5	HS13-004	http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-004/index.html
HP Security Bulletin
6	HPSBMU02874 SSRT101184	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c03748879
7	HPSBUX02857 SSRT101103	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c03714148
8	HPSBUX02864 SSRT101156	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c03725347
IcedTea
9	release/icedtea6-1.11	http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS
10	release/icedtea7-forest-2.3/jdk	http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/ce105dd2e4de
opensuse-security-announce
11	openSUSE-SU-2013:0312	http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html
12	openSUSE-SU-2013:0377	http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html
Oracle Critical Patch Update
13	Oracle Java SE Critical Patch Update Advisory - February 2013	http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html
14	Text Form of Oracle Java SE Critical Patch Update - February 2013 Risk Matrices	http://www.oracle.com/technetwork/topics/security/javacpufeb2013verbose-1841196.html
Red Hat Bugzilla
15	Bug 906892	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=906892
Red Hat Security Advisory
16	RHSA-2013:0236	http://rhn.redhat.com/errata/RHSA-2013-0236.html
17	RHSA-2013:0237	http://rhn.redhat.com/errata/RHSA-2013-0237.html
18	RHSA-2013:0245	http://rhn.redhat.com/errata/RHSA-2013-0245.html
19	RHSA-2013:0246	http://rhn.redhat.com/errata/RHSA-2013-0246.html
20	RHSA-2013:0247	http://rhn.redhat.com/errata/RHSA-2013-0247.html
21	RHSA-2013:1455	http://rhn.redhat.com/errata/RHSA-2013-1455.html
22	RHSA-2013:1456	http://rhn.redhat.com/errata/RHSA-2013-1456.html
SECURITY BLOG
23	February 2013 Critical Patch Update for Java SE Released	https://blogs.oracle.com/security/entry/february_2013_critical_patch_update
ソフトウェア製品セキュリティ情報
24	HS13-004	http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS13-004/index.html
富士通セキュリティ情報
25	Oracle Corporation Javaプラグインの脆弱性に関するお知らせ	http://www.fmworld.net/biz/common/oracle/20130204.html

その他

No	Name	URL
IPA 緊急対策情報
1	Oracle Java の脆弱性対策について(CVE-2013-0437等)	http://www.ipa.go.jp/security/ciadr/vul/20130204-jre.html
JPCERT 注意喚起
2	JPCERT-AT-2013-0007	https://www.jpcert.or.jp/at/2013/at130007.txt
JVN
3	JVNTA13-032A	http://jvn.jp/cert/JVNTA13-032A
US-CERT Technical Cyber Security Alert
4	TA13-032A	http://www.us-cert.gov/cas/techalerts/TA13-032A.html
US-CERT Vulnerability Note
5	VU#858729	http://www.kb.cert.org/vuls/id/858729
関連文書
6	MGASA-2013-0056	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

Change Log

No	Changed Details	Date of change
0	[2013年02月05日] 掲載 [2013年02月22日] ベンダ情報：レッドハット (RHSA-2013:0236) を追加ベンダ情報：レッドハット (RHSA-2013:0237) を追加 [2013年02月28日] 影響を受けるシステム：日立 (HS13-004) の情報を追加ベンダ情報：日立 (HS13-004) を追加 [2013年03月07日] 影響を受けるシステム：アップル (HT5666) の情報を追加ベンダ情報：アップル (HT5666) を追加 [2013年04月09日] ベンダ情報：Novell (openSUSE-SU-2013:0377) を追加ベンダ情報：Novell (openSUSE-SU-2013:0312) を追加ベンダ情報：レッドハット (RHSA-2013:0245) を追加ベンダ情報：レッドハット (RHSA-2013:0246) を追加ベンダ情報：レッドハット (RHSA-2013:0247) を追加ベンダ情報：レッドハット (Bug 906892) を追加ベンダ情報：レッドハット (release/icedtea7-forest-2.3/jdk) を追加ベンダ情報：レッドハット (release/icedtea6-1.11) を追加 [2013年06月14日] ベンダ情報：ヒューレット・パッカード (HPSBMU02874 SSRT101184) を追加ベンダ情報：ヒューレット・パッカード (HPSBUX02864 SSRT101156) を追加ベンダ情報：ヒューレット・パッカード (HPSBUX02857 SSRT101103) を追加 [2013年11月12日] ベンダ情報：レッドハット (RHSA-2013:1455) を追加ベンダ情報：レッドハット (RHSA-2013:1456) を追加 [2014年03月31日] 参考情報：関連文書 (MGASA-2013-0056) を追加 [2015年03月18日] 影響を受けるシステム：内容を更新	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2013-0435

Summary	Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 through Update 11 and 6 through Update 38, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality via vectors related to JAX-WS. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to improper restriction of com.sun.xml.internal packages and "Better handling of UI elements."
Publication Date	Feb. 2, 2013, 9:55 a.m.
Registration Date	Jan. 26, 2021, 3:33 p.m.
Last Update	Nov. 21, 2024, 10:47 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:oracle:jre:1.7.0:update9::::::
cpe:2.3:a:oracle:jre:1.7.0:update6::::::
cpe:2.3:a:oracle:jre:1.7.0:update3::::::
cpe:2.3:a:oracle:jre:1.7.0:update10::::::
cpe:2.3:a:oracle:jre:1.7.0:update11::::::
cpe:2.3:a:oracle:jre:1.7.0:update2::::::
cpe:2.3:a:oracle:jre:1.7.0:update5::::::
cpe:2.3:a:oracle:jre:1.7.0:update4::::::
cpe:2.3:a:oracle:jre:1.7.0:::::::*
cpe:2.3:a:oracle:jre:1.7.0:update7::::::
cpe:2.3:a:oracle:jre:1.7.0:update1::::::

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:oracle:jdk:1.7.0:update6::::::
cpe:2.3:a:oracle:jdk:1.7.0:update5::::::
cpe:2.3:a:oracle:jdk:1.7.0:update7::::::
cpe:2.3:a:oracle:jdk:1.7.0:update2::::::
cpe:2.3:a:oracle:jdk:1.7.0:update11::::::
cpe:2.3:a:oracle:jdk:1.7.0:::::::*
cpe:2.3:a:oracle:jdk:1.7.0:update9::::::
cpe:2.3:a:oracle:jdk:1.7.0:update3::::::
cpe:2.3:a:oracle:jdk:1.7.0:update1::::::
cpe:2.3:a:oracle:jdk:1.7.0:update10::::::
cpe:2.3:a:oracle:jdk:1.7.0:update4::::::

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:sun:jre:1.6.0:update_3::::::
cpe:2.3:a:sun:jre:1.6.0:update_5::::::
cpe:2.3:a:sun:jre:1.6.0:update_13::::::
cpe:2.3:a:sun:jre:1.6.0:update_1::::::
cpe:2.3:a:sun:jre:1.6.0:update_2::::::
cpe:2.3:a:sun:jre:1.6.0:update_16::::::
cpe:2.3:a:sun:jre:1.6.0:update_20::::::
cpe:2.3:a:sun:jre:1.6.0:update_15::::::
cpe:2.3:a:sun:jre:1.6.0:update_6::::::
cpe:2.3:a:sun:jre:1.6.0:update_19::::::
cpe:2.3:a:sun:jre:1.6.0:::::::*
cpe:2.3:a:sun:jre:1.6.0:update_18::::::
cpe:2.3:a:sun:jre:1.6.0:update_10::::::
cpe:2.3:a:sun:jre:1.6.0:update_17::::::
cpe:2.3:a:sun:jre:1.6.0:update_21::::::
cpe:2.3:a:sun:jre:1.6.0:update_7::::::
cpe:2.3:a:sun:jre:1.6.0:update_14::::::
cpe:2.3:a:sun:jre:1.6.0:update_4::::::
cpe:2.3:a:sun:jre:1.6.0:update_9::::::
cpe:2.3:a:sun:jre:1.6.0:update_12::::::
cpe:2.3:a:sun:jre:1.6.0:update_11::::::
cpe:2.3:a:oracle:jre:1.6.0:update30::::::
cpe:2.3:a:oracle:jre:1.6.0:update32::::::
cpe:2.3:a:oracle:jre:1.6.0:update35::::::
cpe:2.3:a:oracle:jre:1.6.0:update25::::::
cpe:2.3:a:oracle:jre:1.6.0:update33::::::
cpe:2.3:a:oracle:jre:1.6.0:update24::::::
cpe:2.3:a:oracle:jre:1.6.0:update26::::::
cpe:2.3:a:oracle:jre:1.6.0:update27::::::
cpe:2.3:a:oracle:jre:1.6.0:update22::::::
cpe:2.3:a:oracle:jre:1.6.0:update31::::::
cpe:2.3:a:oracle:jre:1.6.0:update23::::::
cpe:2.3:a:oracle:jre:1.6.0:update38::::::
cpe:2.3:a:oracle:jre:1.6.0:update37::::::
cpe:2.3:a:oracle:jre:1.6.0:update34::::::
cpe:2.3:a:oracle:jre:1.6.0:update29::::::

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:sun:jdk:1.6.0:update_4::::::
cpe:2.3:a:sun:jdk:1.6.0:update_7::::::
cpe:2.3:a:sun:jdk:1.6.0:update_19::::::
cpe:2.3:a:sun:jdk:1.6.0:update_13::::::
cpe:2.3:a:sun:jdk:1.6.0:update_3::::::
cpe:2.3:a:sun:jdk:1.6.0:update_11::::::
cpe:2.3:a:sun:jdk:1.6.0:update_10::::::
cpe:2.3:a:sun:jdk:1.6.0:update_14::::::
cpe:2.3:a:sun:jdk:1.6.0:::::::*
cpe:2.3:a:sun:jdk:1.6.0:update_17::::::
cpe:2.3:a:sun:jdk:1.6.0:update_5::::::
cpe:2.3:a:sun:jdk:1.6.0:update2::::::
cpe:2.3:a:sun:jdk:1.6.0:update1_b06::::::
cpe:2.3:a:sun:jdk:1.6.0:update_21::::::
cpe:2.3:a:sun:jdk:1.6.0:update_16::::::
cpe:2.3:a:sun:jdk:1.6.0:update1::::::
cpe:2.3:a:sun:jdk:1.6.0:update_15::::::
cpe:2.3:a:sun:jdk:1.6.0:update_12::::::
cpe:2.3:a:sun:jdk:1.6.0:update_18::::::
cpe:2.3:a:sun:jdk:1.6.0:update_6::::::
cpe:2.3:a:sun:jdk:1.6.0:update_20::::::
cpe:2.3:a:oracle:jdk:1.6.0:update33::::::
cpe:2.3:a:oracle:jdk:1.6.0:update25::::::
cpe:2.3:a:oracle:jdk:1.6.0:update29::::::
cpe:2.3:a:oracle:jdk:1.6.0:update31::::::
cpe:2.3:a:oracle:jdk:1.6.0:update27::::::
cpe:2.3:a:oracle:jdk:1.6.0:update24::::::
cpe:2.3:a:oracle:jdk:1.6.0:update23::::::
cpe:2.3:a:oracle:jdk:1.6.0:update22::::::
cpe:2.3:a:oracle:jdk:1.6.0:update32::::::
cpe:2.3:a:oracle:jdk:1.6.0:update26::::::
cpe:2.3:a:oracle:jdk:1.6.0:update34::::::
cpe:2.3:a:oracle:jdk:1.6.0:update30::::::
cpe:2.3:a:oracle:jdk:1.6.0:update38::::::
cpe:2.3:a:oracle:jdk:1.6.0:update37::::::
cpe:2.3:a:oracle:jdk:1.6.0:update35::::::

Related information, measures and tools

No	URL	タグ
1	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=906892
2	http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=906892
3	http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS
4	http://icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS
5	http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/c1fa21042291
6	http://icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/c1fa21042291
7	http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html
8	http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00014.html
9	http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html
10	http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00001.html
11	http://marc.info/?l=bugtraq&m=136439120408139&w=2
12	http://marc.info/?l=bugtraq&m=136439120408139&w=2
13	http://marc.info/?l=bugtraq&m=136439120408139&w=2
14	http://marc.info/?l=bugtraq&m=136439120408139&w=2
15	http://marc.info/?l=bugtraq&m=136570436423916&w=2
16	http://marc.info/?l=bugtraq&m=136570436423916&w=2
17	http://marc.info/?l=bugtraq&m=136570436423916&w=2
18	http://marc.info/?l=bugtraq&m=136570436423916&w=2
19	http://marc.info/?l=bugtraq&m=136733161405818&w=2
20	http://marc.info/?l=bugtraq&m=136733161405818&w=2
21	http://marc.info/?l=bugtraq&m=136733161405818&w=2
22	http://marc.info/?l=bugtraq&m=136733161405818&w=2
23	http://rhn.redhat.com/errata/RHSA-2013-0236.html
24	http://rhn.redhat.com/errata/RHSA-2013-0236.html
25	http://rhn.redhat.com/errata/RHSA-2013-0237.html
26	http://rhn.redhat.com/errata/RHSA-2013-0237.html
27	http://rhn.redhat.com/errata/RHSA-2013-0245.html
28	http://rhn.redhat.com/errata/RHSA-2013-0245.html
29	http://rhn.redhat.com/errata/RHSA-2013-0246.html
30	http://rhn.redhat.com/errata/RHSA-2013-0246.html
31	http://rhn.redhat.com/errata/RHSA-2013-0247.html
32	http://rhn.redhat.com/errata/RHSA-2013-0247.html
33	http://rhn.redhat.com/errata/RHSA-2013-1455.html
34	http://rhn.redhat.com/errata/RHSA-2013-1455.html
35	http://rhn.redhat.com/errata/RHSA-2013-1456.html
36	http://rhn.redhat.com/errata/RHSA-2013-1456.html
37	http://security.gentoo.org/glsa/glsa-201406-32.xml
38	http://security.gentoo.org/glsa/glsa-201406-32.xml
39	http://www.kb.cert.org/vuls/id/858729	US Government Resource
40	http://www.kb.cert.org/vuls/id/858729	US Government Resource
41	http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
42	http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
43	http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html	Vendor Advisory
44	http://www.oracle.com/technetwork/topics/security/javacpufeb2013-1841061.html	Vendor Advisory
45	http://www.securityfocus.com/bid/57729
46	http://www.securityfocus.com/bid/57729
47	http://www.us-cert.gov/cas/techalerts/TA13-032A.html	US Government Resource
48	http://www.us-cert.gov/cas/techalerts/TA13-032A.html	US Government Resource
49	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16489
50	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16489
51	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19078
52	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19078
53	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19520
54	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19520
55	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056
56	https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:oracle:jre:1.7.0:update9::::::
cpe:2.3:a:oracle:jre:1.7.0:update6::::::
cpe:2.3:a:oracle:jre:1.7.0:update3::::::
cpe:2.3:a:oracle:jre:1.7.0:update10::::::
cpe:2.3:a:oracle:jre:1.7.0:update11::::::
cpe:2.3:a:oracle:jre:1.7.0:update2::::::
cpe:2.3:a:oracle:jre:1.7.0:update5::::::
cpe:2.3:a:oracle:jre:1.7.0:update4::::::
cpe:2.3:a:oracle:jre:1.7.0:::::::*
cpe:2.3:a:oracle:jre:1.7.0:update7::::::
cpe:2.3:a:oracle:jre:1.7.0:update1::::::

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:oracle:jdk:1.7.0:update6::::::
cpe:2.3:a:oracle:jdk:1.7.0:update5::::::
cpe:2.3:a:oracle:jdk:1.7.0:update7::::::
cpe:2.3:a:oracle:jdk:1.7.0:update2::::::
cpe:2.3:a:oracle:jdk:1.7.0:update11::::::
cpe:2.3:a:oracle:jdk:1.7.0:::::::*
cpe:2.3:a:oracle:jdk:1.7.0:update9::::::
cpe:2.3:a:oracle:jdk:1.7.0:update3::::::
cpe:2.3:a:oracle:jdk:1.7.0:update1::::::
cpe:2.3:a:oracle:jdk:1.7.0:update10::::::
cpe:2.3:a:oracle:jdk:1.7.0:update4::::::

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:sun:jre:1.6.0:update_3::::::
cpe:2.3:a:sun:jre:1.6.0:update_5::::::
cpe:2.3:a:sun:jre:1.6.0:update_13::::::
cpe:2.3:a:sun:jre:1.6.0:update_1::::::
cpe:2.3:a:sun:jre:1.6.0:update_2::::::
cpe:2.3:a:sun:jre:1.6.0:update_16::::::
cpe:2.3:a:sun:jre:1.6.0:update_20::::::
cpe:2.3:a:sun:jre:1.6.0:update_15::::::
cpe:2.3:a:sun:jre:1.6.0:update_6::::::
cpe:2.3:a:sun:jre:1.6.0:update_19::::::
cpe:2.3:a:sun:jre:1.6.0:::::::*
cpe:2.3:a:sun:jre:1.6.0:update_18::::::
cpe:2.3:a:sun:jre:1.6.0:update_10::::::
cpe:2.3:a:sun:jre:1.6.0:update_17::::::
cpe:2.3:a:sun:jre:1.6.0:update_21::::::
cpe:2.3:a:sun:jre:1.6.0:update_7::::::
cpe:2.3:a:sun:jre:1.6.0:update_14::::::
cpe:2.3:a:sun:jre:1.6.0:update_4::::::
cpe:2.3:a:sun:jre:1.6.0:update_9::::::
cpe:2.3:a:sun:jre:1.6.0:update_12::::::
cpe:2.3:a:sun:jre:1.6.0:update_11::::::
cpe:2.3:a:oracle:jre:1.6.0:update30::::::
cpe:2.3:a:oracle:jre:1.6.0:update32::::::
cpe:2.3:a:oracle:jre:1.6.0:update35::::::
cpe:2.3:a:oracle:jre:1.6.0:update25::::::
cpe:2.3:a:oracle:jre:1.6.0:update33::::::
cpe:2.3:a:oracle:jre:1.6.0:update24::::::
cpe:2.3:a:oracle:jre:1.6.0:update26::::::
cpe:2.3:a:oracle:jre:1.6.0:update27::::::
cpe:2.3:a:oracle:jre:1.6.0:update22::::::
cpe:2.3:a:oracle:jre:1.6.0:update31::::::
cpe:2.3:a:oracle:jre:1.6.0:update23::::::
cpe:2.3:a:oracle:jre:1.6.0:update38::::::
cpe:2.3:a:oracle:jre:1.6.0:update37::::::
cpe:2.3:a:oracle:jre:1.6.0:update34::::::
cpe:2.3:a:oracle:jre:1.6.0:update29::::::

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:sun:jdk:1.6.0:update_4::::::
cpe:2.3:a:sun:jdk:1.6.0:update_7::::::
cpe:2.3:a:sun:jdk:1.6.0:update_19::::::
cpe:2.3:a:sun:jdk:1.6.0:update_13::::::
cpe:2.3:a:sun:jdk:1.6.0:update_3::::::
cpe:2.3:a:sun:jdk:1.6.0:update_11::::::
cpe:2.3:a:sun:jdk:1.6.0:update_10::::::
cpe:2.3:a:sun:jdk:1.6.0:update_14::::::
cpe:2.3:a:sun:jdk:1.6.0:::::::*
cpe:2.3:a:sun:jdk:1.6.0:update_17::::::
cpe:2.3:a:sun:jdk:1.6.0:update_5::::::
cpe:2.3:a:sun:jdk:1.6.0:update2::::::
cpe:2.3:a:sun:jdk:1.6.0:update1_b06::::::
cpe:2.3:a:sun:jdk:1.6.0:update_21::::::
cpe:2.3:a:sun:jdk:1.6.0:update_16::::::
cpe:2.3:a:sun:jdk:1.6.0:update1::::::
cpe:2.3:a:sun:jdk:1.6.0:update_15::::::
cpe:2.3:a:sun:jdk:1.6.0:update_12::::::
cpe:2.3:a:sun:jdk:1.6.0:update_18::::::
cpe:2.3:a:sun:jdk:1.6.0:update_6::::::
cpe:2.3:a:sun:jdk:1.6.0:update_20::::::
cpe:2.3:a:oracle:jdk:1.6.0:update33::::::
cpe:2.3:a:oracle:jdk:1.6.0:update25::::::
cpe:2.3:a:oracle:jdk:1.6.0:update29::::::
cpe:2.3:a:oracle:jdk:1.6.0:update31::::::
cpe:2.3:a:oracle:jdk:1.6.0:update27::::::
cpe:2.3:a:oracle:jdk:1.6.0:update24::::::
cpe:2.3:a:oracle:jdk:1.6.0:update23::::::
cpe:2.3:a:oracle:jdk:1.6.0:update22::::::
cpe:2.3:a:oracle:jdk:1.6.0:update32::::::
cpe:2.3:a:oracle:jdk:1.6.0:update26::::::
cpe:2.3:a:oracle:jdk:1.6.0:update34::::::
cpe:2.3:a:oracle:jdk:1.6.0:update30::::::
cpe:2.3:a:oracle:jdk:1.6.0:update38::::::
cpe:2.3:a:oracle:jdk:1.6.0:update37::::::
cpe:2.3:a:oracle:jdk:1.6.0:update35::::::