製品・ソフトウェアに関する情報

JVN脆弱性詳細

IBM Java の Java Runtime Environment における脆弱性

Title	IBM Java の Java Runtime Environment における脆弱性
Summary	IBM Java の Java Runtime Environment (JRE) には、機密性、可用性、および完全性に影響のある脆弱性が存在します。本脆弱性は、CVE-2013-3009 および CVE-2013-3011 とは異なる脆弱性です。
Possible impacts	第三者により、情報を取得される、サービス運用妨害 (DoS) 攻撃が行われる、および情報を改ざんされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	June 24, 2013, midnight
Registration Date	July 24, 2013, 4:04 p.m.
Last Update	June 26, 2014, 5:34 p.m.

CVSS2.0 : 危険
Score	9.3
Vector	AV:N/AC:M/Au:N/C:C/I:C/A:C

Affected System

IBM

IBM Domino (旧 IBM Lotus Domino) 8.0.x

IBM Domino (旧 IBM Lotus Domino) 8.5.x

IBM Domino (旧 IBM Lotus Domino) 9.0

IBM Lotus Expeditor 6.2.x

IBM Notes 8.0.x

IBM Notes 8.5.x

IBM Notes 9.0

Java 1.4.2 SR13-FP18 未満の 1.4.2

Java 5.0 SR16-FP3 未満の 5.0

Java 6 SR14 未満の 6

Java 6.0.1 SR6 未満の 6.0.1

Java 7 SR5 未満の 7

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2013-3012	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3012
National Vulnerability Database (NVD)
2	CVE-2013-3012	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3012

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-noinfo	https://www.ipa.go.jp/security/vuln/CWE.html#CWEnoinfo

ベンダー情報

No	Name	URL
IBM APAR
1	IV44796	http://www-01.ibm.com/support/docview.wss?uid=swg1IV44796
2	IV44797	http://www-01.ibm.com/support/docview.wss?uid=swg1IV44797
3	IV44798	http://www-01.ibm.com/support/docview.wss?uid=swg1IV44798
4	PM91730	http://www-01.ibm.com/support/docview.wss?uid=swg1PM91730
IBM Support Document
5	1642336	http://www-01.ibm.com/support/docview.wss?uid=swg21642336
6	1644197	http://www-01.ibm.com/support/docview.wss?uid=swg21644197
7	1644918	http://www.ibm.com/support/docview.wss?uid=swg21644918
8	1657606	http://www.ibm.com/support/docview.wss?uid=swg21657606
IBM セキュリティー情報
9	1646738	http://www.ibm.com/support/docview.wss?uid=swg21646738
10	1662297	http://www-01.ibm.com/support/docview.wss?uid=swg21662297
opensuse-security-announce
11	SUSE-SU-2013:1255	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
12	SUSE-SU-2013:1256	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
13	SUSE-SU-2013:1257	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
14	SUSE-SU-2013:1293	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
15	SUSE-SU-2013:1305	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
Red Hat Bugzilla
16	Bug 985501	https://bugzilla.redhat.com/show_bug.cgi?id=985501
Red Hat Security Advisory
17	RHSA-2013:1059	http://rhn.redhat.com/errata/RHSA-2013-1059.html
18	RHSA-2013:1060	http://rhn.redhat.com/errata/RHSA-2013-1060.html
19	RHSA-2013:1081	http://rhn.redhat.com/errata/RHSA-2013-1081.html
Security alerts
20	IBM_Security_Update_July_2013	http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013

Change Log

No	Changed Details	Date of change
0	[2013年07月24日] 掲載 [2013年11月15日] ベンダ情報：Novell (SUSE-SU-2013:1255) を追加ベンダ情報：Novell (SUSE-SU-2013:1256) を追加ベンダ情報：Novell (SUSE-SU-2013:1257) を追加ベンダ情報：Novell (SUSE-SU-2013:1293) を追加ベンダ情報：Novell (SUSE-SU-2013:1305) を追加ベンダ情報：レッドハット (RHSA-2013:1060) を追加ベンダ情報：レッドハット (RHSA-2013:1081) を追加 [2014年03月10日] ベンダ情報：レッドハット (RHSA-2013:1059) を追加 [2014年06月26日] 影響を受けるシステム：IBM (1644918) の情報を追加影響を受けるシステム：IBM (1657606) の情報を追加ベンダ情報：IBM (1644918) を追加ベンダ情報：IBM (1657606) を追加ベンダ情報：IBM (1646738) を追加ベンダ情報：IBM (1662297) を追加	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2013-3012

Summary	Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011.
Publication Date	July 23, 2013, 8:03 p.m.
Registration Date	Jan. 26, 2021, 3:40 p.m.
Last Update	Nov. 21, 2024, 10:52 a.m.

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:ibm:java:5.0.12.2:::::::*
cpe:2.3:a:ibm:java:5.0.12.3:::::::*
cpe:2.3:a:ibm:java:5.0.0.0:::::::*
cpe:2.3:a:ibm:java:5.0.14.0:::::::*
cpe:2.3:a:ibm:java:5.0.11.0:::::::*
cpe:2.3:a:ibm:java:5.0.16.0:::::::*
cpe:2.3:a:ibm:java:5.0.12.1:::::::*
cpe:2.3:a:ibm:java:5.0.13.0:::::::*
cpe:2.3:a:ibm:java:5.0.16.2:::::::*
cpe:2.3:a:ibm:java:5.0.12.4:::::::*
cpe:2.3:a:ibm:java:5.0.11.2:::::::*
cpe:2.3:a:ibm:java:5.0.11.1:::::::*
cpe:2.3:a:ibm:java:5.0.16.1:::::::*
cpe:2.3:a:ibm:java:5.0.12.0:::::::*
cpe:2.3:a:ibm:java:5.0.12.5:::::::*
cpe:2.3:a:ibm:java:5.0.15.0:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:ibm:java:6.0.3.0:::::::*
cpe:2.3:a:ibm:java:6.0.9.0:::::::*
cpe:2.3:a:ibm:java:6.0.13.0:::::::*
cpe:2.3:a:ibm:java:6.0.10.1:::::::*
cpe:2.3:a:ibm:java:6.0.10.0:::::::*
cpe:2.3:a:ibm:java:6.0.13.2:::::::*
cpe:2.3:a:ibm:java:6.0.6.0:::::::*
cpe:2.3:a:ibm:java:6.0.1.0:::::::*
cpe:2.3:a:ibm:java:6.0.9.1:::::::*
cpe:2.3:a:ibm:java:6.0.12.0:::::::*
cpe:2.3:a:ibm:java:6.0.8.1:::::::*
cpe:2.3:a:ibm:java:6.0.11.0:::::::*
cpe:2.3:a:ibm:java:6.0.5.0:::::::*
cpe:2.3:a:ibm:java:6.0.7.0:::::::*
cpe:2.3:a:ibm:java:6.0.2.0:::::::*
cpe:2.3:a:ibm:java:6.0.13.1:::::::*
cpe:2.3:a:ibm:java:6.0.4.0:::::::*
cpe:2.3:a:ibm:java:6.0.9.2:::::::*
cpe:2.3:a:ibm:java:6.0.8.0:::::::*
cpe:2.3:a:ibm:java:6.0.0.0:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:ibm:java:7.0.0.0:::::::*
cpe:2.3:a:ibm:java:7.0.2.0:::::::*
cpe:2.3:a:ibm:java:7.0.4.2:::::::*
cpe:2.3:a:ibm:java:7.0.1.0:::::::*
cpe:2.3:a:ibm:java:7.0.4.1:::::::*
cpe:2.3:a:ibm:java:7.0.3.0:::::::*
cpe:2.3:a:ibm:java:7.0.4.0:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:ibm:java:1.4.2.13.16:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.14:::::::*
cpe:2.3:a:ibm:java:1.4.2:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.5:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.13:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.4:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.11:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.9:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.15:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.2:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.7:::::::*
cpe:2.3:a:ibm:java:1.4.2.13:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.6:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.10:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.1:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.12:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.8:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.17:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.3:::::::*

Related information, measures and tools

No	URL	タグ
1	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
2	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html
3	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
4	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html
5	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
6	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html
7	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
8	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html
9	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
10	http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html
11	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
12	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html
13	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
14	http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html
15	http://rhn.redhat.com/errata/RHSA-2013-1059.html
16	http://rhn.redhat.com/errata/RHSA-2013-1059.html
17	http://rhn.redhat.com/errata/RHSA-2013-1060.html
18	http://rhn.redhat.com/errata/RHSA-2013-1060.html
19	http://rhn.redhat.com/errata/RHSA-2013-1081.html
20	http://rhn.redhat.com/errata/RHSA-2013-1081.html
21	http://secunia.com/advisories/54154	Vendor Advisory
22	http://secunia.com/advisories/54154	Vendor Advisory
23	http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013	Vendor Advisory
24	http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013	Vendor Advisory
25	http://www-01.ibm.com/support/docview.wss?uid=swg1IV44796
26	http://www-01.ibm.com/support/docview.wss?uid=swg1IV44796
27	http://www-01.ibm.com/support/docview.wss?uid=swg1IV44797
28	http://www-01.ibm.com/support/docview.wss?uid=swg1IV44797
29	http://www-01.ibm.com/support/docview.wss?uid=swg1IV44798
30	http://www-01.ibm.com/support/docview.wss?uid=swg1IV44798
31	http://www-01.ibm.com/support/docview.wss?uid=swg1PM91730
32	http://www-01.ibm.com/support/docview.wss?uid=swg1PM91730
33	http://www-01.ibm.com/support/docview.wss?uid=swg21642336	Vendor Advisory
34	http://www-01.ibm.com/support/docview.wss?uid=swg21642336	Vendor Advisory
35	http://www-01.ibm.com/support/docview.wss?uid=swg21644197	Vendor Advisory
36	http://www-01.ibm.com/support/docview.wss?uid=swg21644197	Vendor Advisory
37	https://exchange.xforce.ibmcloud.com/vulnerabilities/84153
38	https://exchange.xforce.ibmcloud.com/vulnerabilities/84153

Common Vulnerabilities List

Configuration1	or higher	or less	more than	less than
cpe:2.3:a:ibm:java:5.0.12.2:::::::*
cpe:2.3:a:ibm:java:5.0.12.3:::::::*
cpe:2.3:a:ibm:java:5.0.0.0:::::::*
cpe:2.3:a:ibm:java:5.0.14.0:::::::*
cpe:2.3:a:ibm:java:5.0.11.0:::::::*
cpe:2.3:a:ibm:java:5.0.16.0:::::::*
cpe:2.3:a:ibm:java:5.0.12.1:::::::*
cpe:2.3:a:ibm:java:5.0.13.0:::::::*
cpe:2.3:a:ibm:java:5.0.16.2:::::::*
cpe:2.3:a:ibm:java:5.0.12.4:::::::*
cpe:2.3:a:ibm:java:5.0.11.2:::::::*
cpe:2.3:a:ibm:java:5.0.11.1:::::::*
cpe:2.3:a:ibm:java:5.0.16.1:::::::*
cpe:2.3:a:ibm:java:5.0.12.0:::::::*
cpe:2.3:a:ibm:java:5.0.12.5:::::::*
cpe:2.3:a:ibm:java:5.0.15.0:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:a:ibm:java:6.0.3.0:::::::*
cpe:2.3:a:ibm:java:6.0.9.0:::::::*
cpe:2.3:a:ibm:java:6.0.13.0:::::::*
cpe:2.3:a:ibm:java:6.0.10.1:::::::*
cpe:2.3:a:ibm:java:6.0.10.0:::::::*
cpe:2.3:a:ibm:java:6.0.13.2:::::::*
cpe:2.3:a:ibm:java:6.0.6.0:::::::*
cpe:2.3:a:ibm:java:6.0.1.0:::::::*
cpe:2.3:a:ibm:java:6.0.9.1:::::::*
cpe:2.3:a:ibm:java:6.0.12.0:::::::*
cpe:2.3:a:ibm:java:6.0.8.1:::::::*
cpe:2.3:a:ibm:java:6.0.11.0:::::::*
cpe:2.3:a:ibm:java:6.0.5.0:::::::*
cpe:2.3:a:ibm:java:6.0.7.0:::::::*
cpe:2.3:a:ibm:java:6.0.2.0:::::::*
cpe:2.3:a:ibm:java:6.0.13.1:::::::*
cpe:2.3:a:ibm:java:6.0.4.0:::::::*
cpe:2.3:a:ibm:java:6.0.9.2:::::::*
cpe:2.3:a:ibm:java:6.0.8.0:::::::*
cpe:2.3:a:ibm:java:6.0.0.0:::::::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:a:ibm:java:7.0.0.0:::::::*
cpe:2.3:a:ibm:java:7.0.2.0:::::::*
cpe:2.3:a:ibm:java:7.0.4.2:::::::*
cpe:2.3:a:ibm:java:7.0.1.0:::::::*
cpe:2.3:a:ibm:java:7.0.4.1:::::::*
cpe:2.3:a:ibm:java:7.0.3.0:::::::*
cpe:2.3:a:ibm:java:7.0.4.0:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:a:ibm:java:1.4.2.13.16:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.14:::::::*
cpe:2.3:a:ibm:java:1.4.2:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.5:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.13:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.4:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.11:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.9:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.15:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.2:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.7:::::::*
cpe:2.3:a:ibm:java:1.4.2.13:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.6:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.10:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.1:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.12:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.8:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.17:::::::*
cpe:2.3:a:ibm:java:1.4.2.13.3:::::::*