CVE-2013-1489

critical Microsoft
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
17.3%
Exploitation probability in 30 days
Top 5% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: January 31, 2013 (4851 days ago)
Last Modified: April 29, 2026
Vendor: Microsoft
Source: NVD

Description

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and execute unsigned Java code without prompting the user via unknown vectors, aka "Issue 53" and the "Java Security Slider" vulnerability.

CWE

NVD-CWE-noinfo

Affected Products

oracle jdkoracle jre

References

🔗 blogs.computerworld.com 🔗 marc.info 🔗 marc.info 🔗 rhn.redhat.com 🔗 seclists.org