Medium severity5.3NVD Advisory· Published Dec 29, 2017· Updated Jun 16, 2026
CVE-2013-4578
CVE-2013-4578
Description
jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
102cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*+ 33 more
- cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*range: <=1.7.0
- cpe:2.3:a:oracle:jdk:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update10_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update11_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update17_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update17_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update21_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update25_b33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update25_b34:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update25_b35:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update45_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update45_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update45_b33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update45_b34:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update7_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update9_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update9_b32:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*+ 33 more
- cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*range: <=1.7.0
- cpe:2.3:a:oracle:jre:1.7.0:update1:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update10:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update10_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update11:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update11_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update13:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update15:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update17:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update17_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update17_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update2:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update21:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update21_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25_b33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25_b34:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update25_b35:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update3:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update4:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update40:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update45:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update45_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update45_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update45_b33:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update45_b34:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update6:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update7:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update7_b32:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update9:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update9_b31:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update9_b32:*:*:*:*:*:*
- Range: <7u51
- osv-coords32 versionspkg:apk/chainguard/openjdk-11-openj9pkg:apk/chainguard/openjdk-11-openj9-dbgpkg:apk/chainguard/openjdk-11-openj9-default-jdkpkg:apk/chainguard/openjdk-11-openj9-default-jvmpkg:apk/chainguard/openjdk-11-openj9-default-policypkg:apk/chainguard/openjdk-11-openj9-docpkg:apk/chainguard/openjdk-11-openj9-jmodspkg:apk/chainguard/openjdk-11-openj9-jrepkg:apk/chainguard/openjdk-17-openj9pkg:apk/chainguard/openjdk-17-openj9-dbgpkg:apk/chainguard/openjdk-17-openj9-default-jdkpkg:apk/chainguard/openjdk-17-openj9-default-jvmpkg:apk/chainguard/openjdk-17-openj9-default-policypkg:apk/chainguard/openjdk-17-openj9-docpkg:apk/chainguard/openjdk-17-openj9-jmodspkg:apk/chainguard/openjdk-17-openj9-jrepkg:apk/chainguard/openjdk-21-openj9pkg:apk/chainguard/openjdk-21-openj9-dbgpkg:apk/chainguard/openjdk-21-openj9-default-jdkpkg:apk/chainguard/openjdk-21-openj9-default-jvmpkg:apk/chainguard/openjdk-21-openj9-default-policypkg:apk/chainguard/openjdk-21-openj9-docpkg:apk/chainguard/openjdk-21-openj9-jmodspkg:apk/chainguard/openjdk-21-openj9-jrepkg:apk/chainguard/openjdk-25-openj9-jmodspkg:apk/chainguard/openjdk-26-openj9-jrepkg:apk/chainguard/openjdk-8-openj9pkg:apk/chainguard/openjdk-8-openj9-dbgpkg:apk/chainguard/openjdk-8-openj9-default-jdkpkg:apk/chainguard/openjdk-8-openj9-default-jvmpkg:apk/chainguard/openjdk-8-openj9-docpkg:apk/chainguard/openjdk-8-openj9-jre
< 0.53.0-r0+ 31 more
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.53.0-r0
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.48.0-r2
- (no CPE)range: < 0.59.0-r1
- (no CPE)range: < 0.59.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
- (no CPE)range: < 0.53.0-r1
Patches
Vulnerability mechanics
References
5- hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d5f36e1c927envdPatchVendor Advisory
- access.redhat.com/errata/RHSA-2014:0414nvdPatchThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party AdvisoryVDB Entry
- www.openwall.com/lists/oss-security/2015/02/08/6nvdMailing ListThird Party Advisory
- www.openwall.com/lists/oss-security/2015/02/09/9nvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.