CVE-2013-1493

Home/CVE/The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and

CVE

The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and

The color management (CMM) functionality in the 2D component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (crash) via an image with crafted raster parameters, which triggers (1) an out-of-bounds read or (2) memory corruption in the JVM, as exploited in the wild in February 2013.

HIGH · CVSS 10 EPSS 0.91612

Act now

EPSS ≥ 0.50 - high probability of exploitation in the next 30 days
EPSS percentile: top 0% of all CVEs by exploitation likelihood
Public exploit or PoC is available
CVSS base score ≥ 7.0

Sigma rules10 YARA rules0

◆

Threat Actors Linked

actorAPT1

⬡

Weakness Classification

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer

▤

Affected Products & Versions

oracle jre<= 1.7.0
oracle jreall versions
oracle jre<= 1.5.0
sun jreall versions
oracle jdk<= 1.6.0
oracle jdkall versions

⚠

Public Exploits & PoCs

remoteJava CMM - Remote Code Execution (Metasploit)verified

pocwww.exploit-db.com · 24904www.exploit-db.com

◈

Detection Rules (IDS/IPS)

snort-communityEXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit inbound java exploit downloadtrojan-activity

snort-communityEXPLOIT-KIT DotkaChef/Rmayana/DotCache exploit kit Zeroaccess download attempttrojan-activity

snort-communityEXPLOIT-KIT Private exploit kit outbound traffictrojan-activity

Open rulesets (ET Open, Snort Community, abuse.ch) link to source. Commercial rulesets are reference-only.

◈

Sigma Hunt Rules

Exact rules name this CVE ID. Product rules name an affected product in their title. Related rules cover techniques used by actors who exploited this CVE. Showing the most relevant matches; the complete related set is on the full drill-down.

relatedcriticalAntivirus Password Dumper Detection

relatedcriticalHacktool Execution - Imphash

relatedcriticalHackTool - Rubeus Execution

relatedcriticalPotential Credential Dumping Via LSASS Process Clone

relatedcriticalWCE wceaux.dll Access

relatedcriticalHackTool - Dumpert Process Dumper Default File

Show all 10 top matches

relatedcriticalHackTool - Credential Dumping Tools Named Pipe Created

relatedcriticalHackTool - Inveigh Execution

relatedcriticalHackTool - SafetyKatz Execution

relatedcriticalHackTool - Dumpert Process Dumper Execution

▣

Scoring & Timeline

HIGH · CVSS v2 (legacy) · secalert_us@oracle.com

View on NVD

This CVE predates CVSS v3; the legacy v2 score is shown so triage still has a severity to work with.

v2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Published to NVD05 Mar 2013 · 10:06 PM

⚑

Vendor Advisories

suse-csafopenSUSE-SU-2024:10534-1
suse-csafSUSE-SU-2015:0344-1
suse-csafSUSE-SU-2015:1086-3
suse-csafSUSE-SU-2015:0392-1
suse-csafSUSE-SU-2015:1086-1
Show all 18 vendor advisoriesrhsaRHSA-2013:1456Moderate
rhsaRHSA-2013:1455Moderate
usnUSN-1755-2
usnUSN-1755-1
rhsaRHSA-2013:0603Critical
rhsaRHSA-2013:0625Critical
rhsaRHSA-2013:0602Critical
rhsaRHSA-2013:0624Critical
rhsaRHSA-2013:0605Critical
rhsaRHSA-2013:0604Critical
rhsaRHSA-2013:0626Critical
rhsaRHSA-2013:0601Critical
rhsaRHSA-2013:0600Critical