Vulnerabilites related to ibm - java
Vulnerability from fkie_nvd
Published
2013-11-24 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en Java SDK de IBM, versiones 7.0.0 anteriores a SR6, 6.0.1 anteriores a SR7, y 6.0.0 anteriores a SR15 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-5457",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-24T18:55:04.303",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51334"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88256"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51334"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88256"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-24 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Java SDK 7.0.0 anteriores a SR6, 6.0.1 anteriores a SR7, 6.0.0 anteriores a SR15, y 5.0.0 anteriores a SR16 FP4 permite a atacantes remotos acceder a clases restringidas a trav\u00e9s de vectores no especificados relacionados con XML y XSL."
}
],
"id": "CVE-2013-5375",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-24T18:55:04.273",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86901"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-09-02 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EA48C2-7EF8-4E2E-A366-DE53B73029F6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311."
},
{
"lang": "es",
"value": "El analizador de archivos de clase en IBM Java v1.4.2 SR13 FP9 permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (consumo de memoria o un bucle infinito) a trav\u00e9s de un campo de atributo de longitud modificada en un archivo de clase, relacionado con la validaci\u00f3n de un campo de longitud en el momento equivocado, una vulnerabilidad diferente a CVE-2011-0311."
}
],
"id": "CVE-2011-3387",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-09-02T23:55:05.460",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69641"
},
{
"source": "cve@mitre.org",
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69641"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-23 11:03
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a trav\u00e9s de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3006."
}
],
"id": "CVE-2013-3008",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-23T11:03:19.663",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44791"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84149"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44791"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84149"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-24 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged block.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged block."
},
{
"lang": "es",
"value": "La clase com.ibm.rmi.io.SunSerializableFactory en IBM Java SDK 7.0.0 en versiones anteriores a SR6 permite a atacantes remotos eludir un mecanismo de protecci\u00f3n de sandbox y ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con deserializaci\u00f3n dentro del bloque AccessController doPrivileged."
}
],
"id": "CVE-2013-5456",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-24T18:55:04.287",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51329"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-3.pdf"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-5.pdf"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88255"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-3.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-5.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-02 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | java | 5.0.0.0 | |
| ibm | java | 5.0.11.0 | |
| ibm | java | 5.0.11.1 | |
| ibm | java | 5.0.11.2 | |
| ibm | java | 5.0.12.0 | |
| ibm | java | 5.0.12.1 | |
| ibm | java | 5.0.12.2 | |
| ibm | java | 5.0.12.3 | |
| ibm | java | 5.0.12.4 | |
| ibm | java | 5.0.12.5 | |
| ibm | java | 5.0.13.0 | |
| ibm | java | 5.0.14.0 | |
| ibm | java | 5.0.15.0 | |
| ibm | java | 5.0.16.0 | |
| ibm | java | 5.0.16.1 | |
| ibm | java | 5.0.16.2 | |
| ibm | java | 5.0.16.3 | |
| ibm | java | 6.0.0.0 | |
| ibm | java | 6.0.1.0 | |
| ibm | java | 6.0.2.0 | |
| ibm | java | 6.0.3.0 | |
| ibm | java | 6.0.4.0 | |
| ibm | java | 6.0.5.0 | |
| ibm | java | 6.0.6.0 | |
| ibm | java | 6.0.7.0 | |
| ibm | java | 6.0.8.0 | |
| ibm | java | 6.0.8.1 | |
| ibm | java | 6.0.9.0 | |
| ibm | java | 6.0.9.1 | |
| ibm | java | 6.0.9.2 | |
| ibm | java | 6.0.10.0 | |
| ibm | java | 6.0.10.1 | |
| ibm | java | 6.0.11.0 | |
| ibm | java | 6.0.12.0 | |
| ibm | java | 6.0.13.0 | |
| ibm | java | 6.0.13.1 | |
| ibm | java | 6.0.13.2 | |
| ibm | java | 6.0.14.0 | |
| ibm | java | 7.0.0.0 | |
| ibm | java | 7.0.1.0 | |
| ibm | java | 7.0.2.0 | |
| ibm | java | 7.0.3.0 | |
| ibm | java | 7.0.4.0 | |
| ibm | java | 7.0.4.1 | |
| ibm | java | 7.0.4.2 | |
| ibm | java | 7.0.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A18121C3-F3F1-4EC7-A64E-3F6A0C9788C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD59912-7325-4AE1-ACCF-D4F804AF3947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62783157-E3B6-4A23-8D2F-1FBD0762E9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14CC0D53-8AB8-4D44-82BB-0E6A974C36AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A3129F-17A6-4F32-BD5D-34E4A1D1A840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2845FF4-2620-4B8D-96CF-CC26B3DEA3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7CD279-54B6-4F6B-AE14-299FB319C690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA269CA-4676-4008-89EF-20FAB89886A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D22105B6-1378-4E1C-B28A-FCAE00A2D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "601762D3-1188-4945-931D-EB8DAC2847A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4A30A6-498C-46B8-8EFC-45EB13354EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "414CC00A-C797-4C34-8709-75DC061DCDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4401B967-0550-44F1-8753-9632120D2A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4961693D-F56C-46CD-B721-6A15E2837C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4FBB66-CF6A-42D2-B122-1861F4139E75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0E4B1DD6-3056-4FA8-8203-CCD8036FBD4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25C58BBA-06AC-40CD-A906-FD1B3B0AAB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C5B430-EE11-4674-B4B0-895D66E3B32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1837D84-6B4F-40D8-9A3F-71C328F659BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D20A369B-2168-4883-A84C-BB48A71AFB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3628AAB4-E524-46E5-AAF4-1980256F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30DC9FE3-CDE9-4F83-989B-4E431BA18B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17B1C6B-04CE-49FB-B9BD-98ECD626B26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81F529EB-2BCA-4E3E-93E4-2A9880CDA367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEAC3D6-F9F8-4F82-9BF1-FF0EC07A3274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7694638C-CDAC-44DF-B9F9-F7237CD98017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23903A3C-1760-4836-BAE6-BDD32CBB4CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2477E033-D26B-4D71-839B-5FE4B0927559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CAB7BF-265E-411D-A584-E78DE171F065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E45F670-232F-4CE5-8926-6463E5619506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B70E6E3-15B3-4D48-AE49-B9184A58EECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5BCE3FD-B89B-4141-8103-9DB941AD60D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EADFB3B-738F-4919-B165-9ECEED46EA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B23A5431-E599-4848-AB83-B299898F5EF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FAE5E9B-3CF5-40E5-A551-1AFD6BD07A2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C76B9DFD-7259-423A-8CFC-A898E74897AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Java Runtime Environment (JRE) 7 R1 anterior a SR2 (7.1.2.0), 7 anterior a SR8 (7.0.8.0), 6 R1 anterior a SR8 FP2 (6.1.8.2), 6 anterior a SR16 FP2 (6.0.16.2), y anterior a SR16 FP8 (5.0.16.8) permite a usuarios locales ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con el cach\u00e9 de clases compartidas."
}
],
"id": "CVE-2014-3065",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-02T01:59:01.467",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securityfocus.com/bid/71147"
},
{
"source": "psirt@us.ibm.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/71147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-11 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
"versionEndIncluding": "1.4.2.13.13",
"versionStartIncluding": "1.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
"versionEndIncluding": "5.0.14.0",
"versionStartIncluding": "5.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
"versionEndIncluding": "6.0.11.0",
"versionStartIncluding": "6.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
"versionEndIncluding": "7.0.2.0",
"versionStartIncluding": "7.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
"matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
"matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
"matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via \"insecure use\" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en el componente JRE en IBM Java 7 SR2 y anteriores, Java v6.0.1 SR3 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores; como las usadas en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, y Service Deliver Manager; y otros productos de otros vendedores como Red Hat, permite a atacantes remotos a ejecutar c\u00f3digo trav\u00e9s de vectores relacionados con \"uso inseguro\" de m\u00e9todos (1) java.lang.Class getDeclaredMethods o (2) java.lang.reflect.AccessibleObject setAccessible()."
}
],
"id": "CVE-2012-4821",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-01-11T00:55:01.027",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51326"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51634"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-11 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoder defineClass() method."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
"versionEndIncluding": "1.4.2.13.13",
"versionStartIncluding": "1.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
"versionEndIncluding": "5.0.14.0",
"versionStartIncluding": "5.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
"versionEndIncluding": "6.0.11.0",
"versionStartIncluding": "6.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
"versionEndIncluding": "7.0.2.0",
"versionStartIncluding": "7.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
"matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
"matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
"matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to \"insecure use of the java.lang.ClassLoder defineClass() method.\""
},
{
"lang": "es",
"value": "Una vulnerabilidad no especificada en el componente JRE de IBM Java 7 SR2 y anteriores, SR3 Java v6.0.1 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores, tal y como se utiliza en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes y Domino, Tivoli Storage Productivity Center y Service Deliver Manager y otros productos de otros fabricantes tales como Red Hat, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores relacionados con el \"uso inseguro del m\u00e9todo defineClass java.lang.ClassLoder().\"\r\n"
}
],
"id": "CVE-2012-4823",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-01-11T00:55:01.150",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51326"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51327"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51634"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-23 11:03
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3007.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3007."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java, 6.0.1 anterior a 6.0.1 SR6, y 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a trav\u00e9s de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3007."
}
],
"id": "CVE-2013-3010",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-23T11:03:19.730",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90119"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84151"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90119"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84151"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-01-21 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F48415-7D29-488D-B0F0-21BBF67A8025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Java SDK 7 en versiones anteriores a SR4-FP1, 6 en versiones anteriores a SR13-FP1, 5.0 en versiones anteriores a SR16-FP1 y 1.4.2 en versiones anteriores a SR13-FP16 tiene impacto desconocido y vectores de ataque relacionados con Class Libraries."
}
],
"id": "CVE-2013-0485",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-01-21T18:55:09.257",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/142_64/fixes.html#SR13FP16"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j532/fixes.html#SR16FP1"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j664/Java6_64.fixes.html#SR13FP1"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j732/Java7.fixes.html#SR4FP1"
},
{
"source": "psirt@us.ibm.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=950072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/142_64/fixes.html#SR13FP16"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j532/fixes.html#SR16FP1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j664/Java6_64.fixes.html#SR13FP1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j732/Java7.fixes.html#SR4FP1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=950072"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-23 11:03
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3012.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | java | 5.0.0.0 | |
| ibm | java | 5.0.11.0 | |
| ibm | java | 5.0.11.1 | |
| ibm | java | 5.0.11.2 | |
| ibm | java | 5.0.12.0 | |
| ibm | java | 5.0.12.1 | |
| ibm | java | 5.0.12.2 | |
| ibm | java | 5.0.12.3 | |
| ibm | java | 5.0.12.4 | |
| ibm | java | 5.0.12.5 | |
| ibm | java | 5.0.13.0 | |
| ibm | java | 5.0.14.0 | |
| ibm | java | 5.0.15.0 | |
| ibm | java | 5.0.16.0 | |
| ibm | java | 5.0.16.1 | |
| ibm | java | 5.0.16.2 | |
| ibm | java | 6.0.0.0 | |
| ibm | java | 6.0.1.0 | |
| ibm | java | 6.0.2.0 | |
| ibm | java | 6.0.3.0 | |
| ibm | java | 6.0.4.0 | |
| ibm | java | 6.0.5.0 | |
| ibm | java | 6.0.6.0 | |
| ibm | java | 6.0.7.0 | |
| ibm | java | 6.0.8.0 | |
| ibm | java | 6.0.8.1 | |
| ibm | java | 6.0.9.0 | |
| ibm | java | 6.0.9.1 | |
| ibm | java | 6.0.9.2 | |
| ibm | java | 6.0.10.0 | |
| ibm | java | 6.0.10.1 | |
| ibm | java | 6.0.11.0 | |
| ibm | java | 6.0.12.0 | |
| ibm | java | 6.0.13.0 | |
| ibm | java | 6.0.13.1 | |
| ibm | java | 6.0.13.2 | |
| ibm | java | 7.0.0.0 | |
| ibm | java | 7.0.1.0 | |
| ibm | java | 7.0.2.0 | |
| ibm | java | 7.0.3.0 | |
| ibm | java | 7.0.4.0 | |
| ibm | java | 7.0.4.1 | |
| ibm | java | 7.0.4.2 | |
| ibm | java | 1.4.2 | |
| ibm | java | 1.4.2.13 | |
| ibm | java | 1.4.2.13.1 | |
| ibm | java | 1.4.2.13.2 | |
| ibm | java | 1.4.2.13.3 | |
| ibm | java | 1.4.2.13.4 | |
| ibm | java | 1.4.2.13.5 | |
| ibm | java | 1.4.2.13.6 | |
| ibm | java | 1.4.2.13.7 | |
| ibm | java | 1.4.2.13.8 | |
| ibm | java | 1.4.2.13.9 | |
| ibm | java | 1.4.2.13.10 | |
| ibm | java | 1.4.2.13.11 | |
| ibm | java | 1.4.2.13.12 | |
| ibm | java | 1.4.2.13.13 | |
| ibm | java | 1.4.2.13.14 | |
| ibm | java | 1.4.2.13.15 | |
| ibm | java | 1.4.2.13.16 | |
| ibm | java | 1.4.2.13.17 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A18121C3-F3F1-4EC7-A64E-3F6A0C9788C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD59912-7325-4AE1-ACCF-D4F804AF3947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62783157-E3B6-4A23-8D2F-1FBD0762E9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14CC0D53-8AB8-4D44-82BB-0E6A974C36AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A3129F-17A6-4F32-BD5D-34E4A1D1A840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2845FF4-2620-4B8D-96CF-CC26B3DEA3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7CD279-54B6-4F6B-AE14-299FB319C690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA269CA-4676-4008-89EF-20FAB89886A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D22105B6-1378-4E1C-B28A-FCAE00A2D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "601762D3-1188-4945-931D-EB8DAC2847A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4A30A6-498C-46B8-8EFC-45EB13354EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "414CC00A-C797-4C34-8709-75DC061DCDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4401B967-0550-44F1-8753-9632120D2A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4961693D-F56C-46CD-B721-6A15E2837C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4FBB66-CF6A-42D2-B122-1861F4139E75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25C58BBA-06AC-40CD-A906-FD1B3B0AAB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C5B430-EE11-4674-B4B0-895D66E3B32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1837D84-6B4F-40D8-9A3F-71C328F659BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D20A369B-2168-4883-A84C-BB48A71AFB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3628AAB4-E524-46E5-AAF4-1980256F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30DC9FE3-CDE9-4F83-989B-4E431BA18B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17B1C6B-04CE-49FB-B9BD-98ECD626B26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81F529EB-2BCA-4E3E-93E4-2A9880CDA367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEAC3D6-F9F8-4F82-9BF1-FF0EC07A3274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7694638C-CDAC-44DF-B9F9-F7237CD98017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23903A3C-1760-4836-BAE6-BDD32CBB4CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2477E033-D26B-4D71-839B-5FE4B0927559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CAB7BF-265E-411D-A584-E78DE171F065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E45F670-232F-4CE5-8926-6463E5619506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B70E6E3-15B3-4D48-AE49-B9184A58EECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5BCE3FD-B89B-4141-8103-9DB941AD60D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EADFB3B-738F-4919-B165-9ECEED46EA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B23A5431-E599-4848-AB83-B299898F5EF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F48415-7D29-488D-B0F0-21BBF67A8025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "429E0F9B-63D2-46C1-9BB3-C0B91FC5A0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D454628-6074-42C5-B2F4-8ABC5597746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BC71A3DD-E08E-41FF-8443-5A75AD9F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09B43A6-87FB-4ECA-B837-469AA63FCED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55BD6A1E-8043-43AA-980D-8A277CE3CDB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8549B650-7862-4C3B-8F26-8D9EC490000E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "89D960CA-0065-44FE-83C4-F02119FEA7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F28E80-A2FE-4985-8D02-06E6E10D8186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E484DE96-7DDE-4B49-B6CF-E4A4F22BDA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EA48C2-7EF8-4E2E-A366-DE53B73029F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF5408C-D5CA-4404-9268-D0C26325FDD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6515717B-2DBF-4D91-BA6F-8BD77DE860F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5E269F-A5F5-40D9-8FF2-8FAAD73AFA32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.13:*:*:*:*:*:*:*",
"matchCriteriaId": "95CB9215-CB52-484A-A67A-C7C2CBA8F68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.14:*:*:*:*:*:*:*",
"matchCriteriaId": "6944A8CC-B4E5-4F1F-BA71-384D7EE074B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7D8146AC-57A3-4FB3-A384-DD3B00133E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5803B80C-3169-45ED-B5C9-095C032778A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.17:*:*:*:*:*:*:*",
"matchCriteriaId": "DD37B25A-3306-4FD2-84D4-EDDAA3236C12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3012."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 1.4.2 anterior a 1.4.2 SR13-FP18, 5.0 anterior a 5.0 SR16-FP3, 6 anterior a 6 SR14, 6.0.1 anterior a 6.0.1 SR6, y 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a trav\u00e9s de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3009 y CVE-2013-3012."
}
],
"id": "CVE-2013-3011",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-23T11:03:19.747",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44793"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44795"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91729"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84152"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44795"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91729"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84152"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-09-02 23:55
Modified
2025-04-11 00:51
Severity ?
Summary
The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E576D33E-6CA1-4BAD-9D69-541D0F003DD7",
"versionEndIncluding": "1.4.2.13.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F48415-7D29-488D-B0F0-21BBF67A8025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "429E0F9B-63D2-46C1-9BB3-C0B91FC5A0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D454628-6074-42C5-B2F4-8ABC5597746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BC71A3DD-E08E-41FF-8443-5A75AD9F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09B43A6-87FB-4ECA-B837-469AA63FCED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55BD6A1E-8043-43AA-980D-8A277CE3CDB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8549B650-7862-4C3B-8F26-8D9EC490000E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "89D960CA-0065-44FE-83C4-F02119FEA7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F28E80-A2FE-4985-8D02-06E6E10D8186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5F8563B4-D8A1-459D-BAEB-2463EF09159C",
"versionEndIncluding": "5.0.12.4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:*:*:*:*:*:*:*:*",
"matchCriteriaId": "658DDD54-C861-4CDC-BC9C-6FE63D881114",
"versionEndIncluding": "6.0.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A56BF2F0-8CC0-429F-A5B6-C506FDC37093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AAB2F473-FB5D-41EA-A7AC-2C4A004DDD7B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CB6BA998-227B-4300-9741-C8F09B8947D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D37B94A5-87E9-4390-943A-39FAAD6A32C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4D44117A-B0BD-4C50-B49D-E5F200ED1DDF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "EED69200-9C79-4A30-8E29-E084B1CDF62B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15C93D05-FA19-48B4-815A-672658454A9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:5.0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FB48BEDD-B1B2-461A-934E-BDDE4AF3A233",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9F6AE573-2EC7-4917-9686-89A98D123685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "58D8B506-16B1-4991-90B9-9CC9D3C07F7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "71526367-0EF6-445E-805C-D53AB71A5885",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2880FA53-BC93-4D39-83E3-FB19AC89485D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39C1392A-866A-4591-9ED4-D420383AC1D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57BEF1B1-E4BC-4D8C-A4FF-5CFDBEB9B454",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5265E83-947E-488C-B8D8-9934EE4872E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C917DA62-6953-4E72-87D5-F177665F9983",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "80C5372D-3CED-4BA3-A155-CE2FFCCA1B62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:runtimes_for_java_technology:6.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F1403930-A2CA-4052-9BB8-096C218F8D7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read."
},
{
"lang": "es",
"value": "El analizador de archivos de clases en IBM Java antes de v1.4.2 SR13 FP9, tal como se utiliza en IBM Runtimes para Java Technology v5.0.0 antes de SR13 y v6.0.0 antes de SR10, permite a usuarios autenticados remotamente provocar una denegaci\u00f3n de servicio (fallo de segmentaci\u00f3n de JVM, y posiblemente, el consumo de memoria o un bucle infinito) a trav\u00e9s de un campo de atributo de longitud modificada en un archivo de clase, lo que provoca una sobrelectura de buffer."
}
],
"id": "CVE-2011-0311",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-09-02T23:55:01.943",
"references": [
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89602"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89620"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1159.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65189"
},
{
"source": "cve@mitre.org",
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1159.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-23 11:03
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a trav\u00e9s de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3008."
}
],
"id": "CVE-2013-3006",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-23T11:03:19.623",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44790"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84147"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44790"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84147"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-11 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
"versionEndIncluding": "1.4.2.13.13",
"versionStartIncluding": "1.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
"versionEndIncluding": "5.0.14.0",
"versionStartIncluding": "5.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
"versionEndIncluding": "6.0.11.0",
"versionStartIncluding": "6.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
"versionEndIncluding": "7.0.2.0",
"versionStartIncluding": "7.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
"matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
"matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
"matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to \"insecure use [of] multiple methods in the java.lang.class class.\""
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en el componente JRE en IBM Java 7 SR2 y anteriores, Java v6.0.1 SR3 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores; como las usadas en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, y Service Deliver Manager; y otros productos de otros vendedores como Red Hat, permite a atacantes remotos a ejecutar c\u00f3digoa trav\u00e9s de vectores relacionados con \"uso inseguro de uso [de] m\u00e9todos m\u00faltiples en la clase java.lang.class class.\""
}
],
"id": "CVE-2012-4822",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-01-11T00:55:01.087",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51326"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51327"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51328"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51393"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51634"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-23 11:03
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | java | 5.0.0.0 | |
| ibm | java | 5.0.11.0 | |
| ibm | java | 5.0.11.1 | |
| ibm | java | 5.0.11.2 | |
| ibm | java | 5.0.12.0 | |
| ibm | java | 5.0.12.1 | |
| ibm | java | 5.0.12.2 | |
| ibm | java | 5.0.12.3 | |
| ibm | java | 5.0.12.4 | |
| ibm | java | 5.0.12.5 | |
| ibm | java | 5.0.13.0 | |
| ibm | java | 5.0.14.0 | |
| ibm | java | 5.0.15.0 | |
| ibm | java | 5.0.16.0 | |
| ibm | java | 5.0.16.1 | |
| ibm | java | 5.0.16.2 | |
| ibm | java | 6.0.0.0 | |
| ibm | java | 6.0.1.0 | |
| ibm | java | 6.0.2.0 | |
| ibm | java | 6.0.3.0 | |
| ibm | java | 6.0.4.0 | |
| ibm | java | 6.0.5.0 | |
| ibm | java | 6.0.6.0 | |
| ibm | java | 6.0.7.0 | |
| ibm | java | 6.0.8.0 | |
| ibm | java | 6.0.8.1 | |
| ibm | java | 6.0.9.0 | |
| ibm | java | 6.0.9.1 | |
| ibm | java | 6.0.9.2 | |
| ibm | java | 6.0.10.0 | |
| ibm | java | 6.0.10.1 | |
| ibm | java | 6.0.11.0 | |
| ibm | java | 6.0.12.0 | |
| ibm | java | 6.0.13.0 | |
| ibm | java | 6.0.13.1 | |
| ibm | java | 6.0.13.2 | |
| ibm | java | 7.0.0.0 | |
| ibm | java | 7.0.1.0 | |
| ibm | java | 7.0.2.0 | |
| ibm | java | 7.0.3.0 | |
| ibm | java | 7.0.4.0 | |
| ibm | java | 7.0.4.1 | |
| ibm | java | 7.0.4.2 | |
| ibm | java | 1.4.2 | |
| ibm | java | 1.4.2.13 | |
| ibm | java | 1.4.2.13.1 | |
| ibm | java | 1.4.2.13.2 | |
| ibm | java | 1.4.2.13.3 | |
| ibm | java | 1.4.2.13.4 | |
| ibm | java | 1.4.2.13.5 | |
| ibm | java | 1.4.2.13.6 | |
| ibm | java | 1.4.2.13.7 | |
| ibm | java | 1.4.2.13.8 | |
| ibm | java | 1.4.2.13.9 | |
| ibm | java | 1.4.2.13.10 | |
| ibm | java | 1.4.2.13.11 | |
| ibm | java | 1.4.2.13.12 | |
| ibm | java | 1.4.2.13.13 | |
| ibm | java | 1.4.2.13.14 | |
| ibm | java | 1.4.2.13.15 | |
| ibm | java | 1.4.2.13.16 | |
| ibm | java | 1.4.2.13.17 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A18121C3-F3F1-4EC7-A64E-3F6A0C9788C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD59912-7325-4AE1-ACCF-D4F804AF3947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62783157-E3B6-4A23-8D2F-1FBD0762E9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14CC0D53-8AB8-4D44-82BB-0E6A974C36AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A3129F-17A6-4F32-BD5D-34E4A1D1A840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2845FF4-2620-4B8D-96CF-CC26B3DEA3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7CD279-54B6-4F6B-AE14-299FB319C690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA269CA-4676-4008-89EF-20FAB89886A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D22105B6-1378-4E1C-B28A-FCAE00A2D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "601762D3-1188-4945-931D-EB8DAC2847A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4A30A6-498C-46B8-8EFC-45EB13354EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "414CC00A-C797-4C34-8709-75DC061DCDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4401B967-0550-44F1-8753-9632120D2A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4961693D-F56C-46CD-B721-6A15E2837C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4FBB66-CF6A-42D2-B122-1861F4139E75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25C58BBA-06AC-40CD-A906-FD1B3B0AAB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C5B430-EE11-4674-B4B0-895D66E3B32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1837D84-6B4F-40D8-9A3F-71C328F659BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D20A369B-2168-4883-A84C-BB48A71AFB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3628AAB4-E524-46E5-AAF4-1980256F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30DC9FE3-CDE9-4F83-989B-4E431BA18B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17B1C6B-04CE-49FB-B9BD-98ECD626B26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81F529EB-2BCA-4E3E-93E4-2A9880CDA367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEAC3D6-F9F8-4F82-9BF1-FF0EC07A3274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7694638C-CDAC-44DF-B9F9-F7237CD98017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23903A3C-1760-4836-BAE6-BDD32CBB4CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2477E033-D26B-4D71-839B-5FE4B0927559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CAB7BF-265E-411D-A584-E78DE171F065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E45F670-232F-4CE5-8926-6463E5619506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B70E6E3-15B3-4D48-AE49-B9184A58EECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5BCE3FD-B89B-4141-8103-9DB941AD60D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EADFB3B-738F-4919-B165-9ECEED46EA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B23A5431-E599-4848-AB83-B299898F5EF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F48415-7D29-488D-B0F0-21BBF67A8025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "429E0F9B-63D2-46C1-9BB3-C0B91FC5A0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D454628-6074-42C5-B2F4-8ABC5597746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BC71A3DD-E08E-41FF-8443-5A75AD9F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09B43A6-87FB-4ECA-B837-469AA63FCED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55BD6A1E-8043-43AA-980D-8A277CE3CDB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8549B650-7862-4C3B-8F26-8D9EC490000E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "89D960CA-0065-44FE-83C4-F02119FEA7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F28E80-A2FE-4985-8D02-06E6E10D8186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E484DE96-7DDE-4B49-B6CF-E4A4F22BDA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EA48C2-7EF8-4E2E-A366-DE53B73029F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF5408C-D5CA-4404-9268-D0C26325FDD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6515717B-2DBF-4D91-BA6F-8BD77DE860F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5E269F-A5F5-40D9-8FF2-8FAAD73AFA32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.13:*:*:*:*:*:*:*",
"matchCriteriaId": "95CB9215-CB52-484A-A67A-C7C2CBA8F68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.14:*:*:*:*:*:*:*",
"matchCriteriaId": "6944A8CC-B4E5-4F1F-BA71-384D7EE074B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7D8146AC-57A3-4FB3-A384-DD3B00133E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5803B80C-3169-45ED-B5C9-095C032778A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.17:*:*:*:*:*:*:*",
"matchCriteriaId": "DD37B25A-3306-4FD2-84D4-EDDAA3236C12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 1.4.2 anterior a 1.4.2 SR13-FP18, 5.0 anterior a 5.0 SR16-FP3, 6 anterior a 6 SR14, 6.0.1 anterior a 6.0.1 SR6, y 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a trav\u00e9s de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3009 y CVE-2013-3011."
}
],
"id": "CVE-2013-3012",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-23T11:03:19.767",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44796"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44797"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44798"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91730"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84153"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44796"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44797"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91730"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84153"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2019-08-05 14:15
Modified
2024-11-21 04:43
Severity ?
Summary
Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | http://www.ibm.com/support/docview.wss?uid=ibm10960422 | Vendor Advisory | |
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/163984 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ibm.com/support/docview.wss?uid=ibm10960422 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/163984 | VDB Entry, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.1.4.50:*:*:*:*:*:*:*",
"matchCriteriaId": "5FD30AB3-E817-4A67-B411-011963DB4B0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DA5845-1740-41C3-8D73-F1E826784497",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984."
},
{
"lang": "es",
"value": "M\u00faltiples archivos binarios en el SDK de IBM , Java Technology Edition versiones 7, 7R y 8, en la plataforma AIX usan RPATH absolutos no seguros, que puede facilitar la inyecci\u00f3n de c\u00f3digo y la escalada de privilegios por parte de los usuarios locales. ID de IBM X-Force: 163984."
}
],
"id": "CVE-2019-4473",
"lastModified": "2024-11-21T04:43:38.913",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.5,
"impactScore": 5.9,
"source": "psirt@us.ibm.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-08-05T14:15:12.130",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10960422"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163984"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10960422"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163984"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-23 11:03
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 6.0.1 anterior a 6.0.1 SR6, y 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a trav\u00e9s de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3006."
}
],
"id": "CVE-2013-3007",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-23T11:03:19.643",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90117"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84148"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90117"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84148"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-24 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to access restricted classes via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to access restricted classes via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el Java SDK de IBM 5.0.0 anteriores a SR16 FP4, 7.0.0 anteriores a SR6, 6.0.1 anteriores a SR7, y 6.0.0 anteriores a SR15 permite a atacantes remotos acceder clases restringidas a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-4041",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-24T18:55:04.240",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51087"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51088"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86416"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51087"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51088"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-01-11 00:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "18BA3404-DE06-43A3-8319-31ECA80A8B8B",
"versionEndIncluding": "1.4.2.13.13",
"versionStartIncluding": "1.4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5BEA3D56-2995-42F6-9306-84B9E24AD317",
"versionEndIncluding": "5.0.14.0",
"versionStartIncluding": "5.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6A59F289-2472-46F7-AD4B-24D9CE59807F",
"versionEndIncluding": "6.0.11.0",
"versionStartIncluding": "6.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABE8021-3E50-4DBF-991F-59BDD301389E",
"versionEndIncluding": "7.0.2.0",
"versionStartIncluding": "7.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3DB9C3-4DAC-4663-9097-95600E13FCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE8510F6-D054-488E-99E9-A58272C47AA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15DB2AF7-B494-4494-8686-33CB6A4C2CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6FD6A3A3-6D6C-4EE0-B092-862DB03AC320",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1D2A467B-72FA-4280-A397-BC9D86D5B012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D419EFAE-E03F-4F4A-8C18-06BE61EBBF5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "F936FD55-AD59-47B3-8591-3F79B2ABB4E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0059358-69C1-4F89-B4E6-B6BE22845D33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "692E295E-E650-42D5-AF7A-D6276C3D76E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A1E25625-8570-4744-A2A2-4A4FB4D8AC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "50660BA1-A24A-4DBF-AB59-1CF04FA54120",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5759CBCB-7B3F-462A-B51A-FD2C6B13CCE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "69A79FA5-83FB-4067-B2A6-17EAF3947998",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "17815F4E-BB34-40D2-A3EE-3C7741940D1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7DE79982-9E92-498A-B961-55CB1D2D104F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F6814E3F-479C-4F56-BF66-C685E60CCA34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BB9EF5DE-4432-4099-AD59-CDD52E387BB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A1013797-0442-46A7-A94F-354388BA6B69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.0.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0CC228A3-1878-4A9F-8664-F4DFF77BF74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0119A252-73B1-490F-9371-06E8FDB8B979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "57D24791-E798-4B08-A051-E880DEFB8268",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2758590C-67FD-4DD6-84C1-0D32264BBE5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A7FC083C-B25E-427F-B722-B5ABD4F072F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0CF8A5-BC24-4204-BC06-2E1E2FB60E4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CDA723DB-62C5-4C84-B0BA-5313FDA49D73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "92F08B96-D43E-407E-839C-4C3C5BB58B2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5E50C779-C780-45FB-BC77-B9717389D2EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "867779A4-A7A5-48AD-9AC0-C6476719A5EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "6B7B7544-D60C-4B9A-BC29-B30AD86EC9B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9D475EF5-DBB3-4B98-BB07-83A2632B5E0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F797A209-65C0-4A20-9DA2-C5576C091DE2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9B01BCFA-13B4-4AB3-9558-4B704F6DCFA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D027E003-84C9-4290-A032-649C5E66B23B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1D9A13AC-B552-4E86-9E5D-62354D78E49C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E5CDBCB-F314-453B-B837-B03B53215748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7A92849F-05E0-47DB-AB43-8AC559568D0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes:8.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2BAE23EA-8576-4B4E-A6ED-91EB30E3FB6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80407:*:*:*:*:*:*:*",
"matchCriteriaId": "EB384FC6-D343-40F1-B9D3-480217EB97D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.0.80822:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D8B5E-8172-4FC2-9F4F-6FB5D989DE1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_sametime:8.5.1.20100709-1631:*:*:*:advanced_embedded:*:*:*",
"matchCriteriaId": "62A619D0-A250-41F7-8BC3-37B1507AF37C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F6F9782A-17B1-4258-8B03-483328EFB01D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "27E40AA1-CF34-4757-8EE1-873A5B199496",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3997E3C6-1822-4DBB-A6E1-B46F4E0CF3B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.0.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "35746885-CB26-4527-AB17-BBEF37A33F70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6AE0191C-D6EF-486A-B497-9692D2892DA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BE3021AA-7337-46B2-AECE-D4C93C032578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "29746507-F154-4216-B560-1D9243D5FF7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "80E42A69-B549-4904-AC5C-E2053CB38450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2B2285A0-B3E7-4D41-9D06-796485D39B0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E0D4D6C6-656D-433F-973B-7C0F7FD09428",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9DC57196-D703-407C-9883-58C31C6C4C62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D25E5860-083C-4D43-945C-AB068BFF624B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E41ECC63-45B0-4011-8906-FF4DC825DA50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DB76CF67-767D-4A30-BB3F-2F44D80BC609",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "521A5B6F-D214-4181-915B-CE1AF1F90397",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:lotus_notes_traveler:8.5.3.3:interim_fix_1:*:*:*:*:*:*",
"matchCriteriaId": "87F9AF9E-E7EA-44DF-AD03-0D28CC105EC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "AD723C24-48AA-480F-93A5-064F9D4D75F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AFCFCA2C-1594-4FE3-BE4D-B9407A1BC1C3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "323418E3-6CDF-4E84-8D3C-324BFE95DD4B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_change:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F08AFD22-F720-4683-9444-012722E5E979",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:1.6.0.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B9114377-B995-419A-A566-4CFD06715298",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:8.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EAFD73FB-2F37-4B0D-A967-B6DD8500A273",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:9.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E0D1AE7-63C6-4E66-90EB-9FB1ED71FC22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16CAC644-C915-46BF-88C3-6792304B7CE7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:10.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9B4EA6D-BA41-4170-B4EC-6850ACA98344",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "39AD3F53-55F2-451D-8A56-9B7B96F19AD8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5D8ABC05-561E-43D7-B408-BED36676C6B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BF30EFD9-12DD-4D2E-A087-66C008CF4338",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C3F20944-2611-41DC-8470-F267EA09A66F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "16A57406-18F3-4F9E-A6C1-72DB1B0D0F47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:rational_host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDC30B5-78D0-4F0F-9F85-96B85026F33F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AB5888AC-B251-4DE4-95E8-56385429343E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:service_delivery_manager:7.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CCA27B37-E411-496D-B23B-C8F8B9F95239",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6A24824E-7091-41EA-A994-67DB0BAFF592",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:smart_analytics_system_5600_software:9.7:*:*:*:*:*:*:*",
"matchCriteriaId": "0C04EBD9-A8CD-498E-9724-848BBF4C13FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "BE417DBB-F699-4B0C-93E4-F2A96E60A42C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.1.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "503B5597-B95E-4F8F-BCB6-B303D378F5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2289E7D5-2915-42D3-BE86-FF63BF507251",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "45864079-DC1E-42F6-B9D4-36E1A46DE093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39A65FE7-7745-4D94-A22C-D0C7CF1C339A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5DB4F6B1-F1A1-40A3-9EB6-36CBDCF5FD55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "13DB3D7D-0D80-4B7E-B516-D4AE2AE3FC48",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "11F1528F-BE73-4B03-BFA5-B1F96099F3F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD8B5726-CDA8-4BDE-B2A6-AE308959A862",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6233ED9B-760D-4218-A25B-DF67D703D9EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "350B304F-4ED0-4A91-A901-77A149DE2481",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "50A2D35D-4170-4DD7-9AD3-39F23D432289",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "15E20435-C3A0-4A57-B82A-595A48BB0991",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33A34B3F-710C-42A8-B791-DA624B23E36D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E5010AB5-0932-4F05-9D6A-9D4C49151E83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7299B1C8-7BC2-4F42-B19E-4D0D2E599D02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1FC98EF0-EDCA-47D8-A4CE-083E3AA0376C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "6522CFEE-4368-4596-8DB9-18247AB19C67",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8E386E16-9F8F-4444-A190-EF964CA339F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "AC24B012-A887-4A3F-A32C-80435C64BC10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F0B310DC-21E5-4A0D-A3D6-B0FD21C6C4F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.8:*:*:*:*:*:*:*",
"matchCriteriaId": "499FAEEF-0533-44FE-8249-AE40C6233E06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.2.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E8B4310-F5D2-4448-89C1-E6D656351E7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88380637-715A-49CB-A9B6-0F8411225E9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D3AF6714-0D55-4C81-B354-F3875ACE4388",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "94A90709-74AD-4C1B-806C-E7E335A3A773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_monitoring:6.2.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E17308E6-B755-434F-8D2B-E5BBA37BA1F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_remote_control:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C3BFA6A7-DA21-4DB1-829E-6CBF15AE19B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_real_time:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2487821D-BB7A-4574-A98B-B37604CD4654",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_real_time:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "88CB9D0F-DCAB-484D-ACA8-64772659EE6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E541FE5B-2147-4340-85BE-C6A23E64F343",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1EFAA15-C456-45A5-8B60-5CCF0CF0029B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:tivoli_storage_productivity_center:5.1.1:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8B783E88-2CDB-47B9-8F2F-126E60EA42CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:smart_analytics_system_5600:7200:*:*:*:*:*:*:*",
"matchCriteriaId": "CD9B9B97-8A48-4202-A48B-092585DDE4F2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to \"insecure use of the java.lang.reflect.Method invoke() method.\""
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en el componente JRE en IBM Java 7 SR2 y anteriores, Java v6.0.1 SR3 y anteriores, Java 6 SR11 y anteriores, Java 5 SR14 y anteriores, y Java 142 SR13 FP13 y anteriores; como las usadas en IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control v5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, y Service Deliver Manager; y otros productos de otros vendedores como Red Hat, ejecutandose en un gestor de seguridad, permite a atacantes remotos obtener privilegios modificando o eliminando el gestor de seguridad a trav\u00e9s de vectores relacionados con \"uso inseguro del m\u00e9todo java.lang.reflect.Method invoke()\""
}
],
"id": "CVE-2012-4820",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-01-11T00:55:00.963",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51326"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51327"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51328"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51393"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51634"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51326"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51327"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51393"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/51634"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-02 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D4DA5845-1740-41C3-8D73-F1E826784497",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Java 8 anterior a SR1 permite a atacantes remotos causar una denegaci\u00f3n de servicio a trav\u00e9s de vectores desconocidos relacionados con el proveedor de extensiones SSL/TLS y the Secure Socket."
}
],
"id": "CVE-2015-1916",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-02T21:59:02.267",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.securitytracker.com/id/1032779"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032779"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2023-04-29 15:15
Modified
2024-11-21 08:00
Severity ?
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| psirt@us.ibm.com | https://exchange.xforce.ibmcloud.com/vulnerabilities/253188 | VDB Entry, Vendor Advisory | |
| psirt@us.ibm.com | https://www.ibm.com/support/pages/node/6985011 | Vendor Advisory | |
| psirt@us.ibm.com | https://www.ibm.com/support/pages/node/6986617 | Vendor Advisory | |
| psirt@us.ibm.com | https://www.ibm.com/support/pages/node/6986637 | Vendor Advisory | |
| psirt@us.ibm.com | https://www.ibm.com/support/pages/node/6987167 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/253188 | VDB Entry, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/pages/node/6985011 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/pages/node/6986617 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/pages/node/6986637 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.ibm.com/support/pages/node/6987167 | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | infosphere_information_server | 11.7 | |
| ibm | java | * | |
| ibm | websphere_application_server | * | |
| ibm | websphere_application_server | - | |
| ibm | websphere_application_server | 9.0.0.0 | |
| ibm | z\/transaction_processing_facility | 1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4CED2F00-89E3-4BA9-A8FB-D43B308A59A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B6E494E-BA83-4743-B9DD-4DE1F3BC0637",
"versionEndExcluding": "8.0.7.15",
"versionStartIncluding": "8.0.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:*:*:*:*:-:*:*:*",
"matchCriteriaId": "E06F1A60-BE9C-4922-A4A6-E4E1EF57A06D",
"versionEndExcluding": "8.5.5.23",
"versionStartIncluding": "8.5.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:-:*:*:*:liberty:*:*:*",
"matchCriteriaId": "7E0B3D5C-C912-4874-AD3D-62B6E6EBE742",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:websphere_application_server:9.0.0.0:*:*:*:-:*:*:*",
"matchCriteriaId": "E79B1229-6DC0-4461-B814-1F671AE0A090",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:z\\/transaction_processing_facility:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3BF7682-2984-4286-9C17-2B650A4275E7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188."
}
],
"id": "CVE-2023-30441",
"lastModified": "2024-11-21T08:00:11.340",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "psirt@us.ibm.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-04-29T15:15:18.953",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/253188"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6985011"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6986617"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6986637"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6987167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/253188"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6985011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6986617"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6986637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/support/pages/node/6987167"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "psirt@us.ibm.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-23 11:03
Modified
2025-04-11 00:51
Severity ?
Summary
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A18121C3-F3F1-4EC7-A64E-3F6A0C9788C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD59912-7325-4AE1-ACCF-D4F804AF3947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62783157-E3B6-4A23-8D2F-1FBD0762E9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14CC0D53-8AB8-4D44-82BB-0E6A974C36AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A3129F-17A6-4F32-BD5D-34E4A1D1A840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2845FF4-2620-4B8D-96CF-CC26B3DEA3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7CD279-54B6-4F6B-AE14-299FB319C690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA269CA-4676-4008-89EF-20FAB89886A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D22105B6-1378-4E1C-B28A-FCAE00A2D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "601762D3-1188-4945-931D-EB8DAC2847A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4A30A6-498C-46B8-8EFC-45EB13354EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "414CC00A-C797-4C34-8709-75DC061DCDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4401B967-0550-44F1-8753-9632120D2A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4961693D-F56C-46CD-B721-6A15E2837C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4FBB66-CF6A-42D2-B122-1861F4139E75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25C58BBA-06AC-40CD-A906-FD1B3B0AAB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C5B430-EE11-4674-B4B0-895D66E3B32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1837D84-6B4F-40D8-9A3F-71C328F659BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D20A369B-2168-4883-A84C-BB48A71AFB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3628AAB4-E524-46E5-AAF4-1980256F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30DC9FE3-CDE9-4F83-989B-4E431BA18B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17B1C6B-04CE-49FB-B9BD-98ECD626B26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81F529EB-2BCA-4E3E-93E4-2A9880CDA367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEAC3D6-F9F8-4F82-9BF1-FF0EC07A3274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7694638C-CDAC-44DF-B9F9-F7237CD98017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23903A3C-1760-4836-BAE6-BDD32CBB4CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2477E033-D26B-4D71-839B-5FE4B0927559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CAB7BF-265E-411D-A584-E78DE171F065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E45F670-232F-4CE5-8926-6463E5619506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B70E6E3-15B3-4D48-AE49-B9184A58EECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5BCE3FD-B89B-4141-8103-9DB941AD60D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EADFB3B-738F-4919-B165-9ECEED46EA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B23A5431-E599-4848-AB83-B299898F5EF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "04C71221-E477-4DF8-B10A-3AC64511E4EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "FF7DE0E6-F329-417B-8035-B4EBF9C97483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "220536FA-695D-4DE8-9813-494E3D061B78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update51:*:*:*:*:*:*",
"matchCriteriaId": "ACB55CC5-0EC7-44B2-B5A9-A5B1EE584791",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "4F6B5E73-6751-475A-B9BF-3414D3476208",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update40:*:*:*:*:*:*",
"matchCriteriaId": "7CB654DC-1D3D-4475-8815-335AC573F54C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DF26274E-5364-4FC1-9603-A78C365596DB",
"versionEndIncluding": "r27.7.6",
"versionStartIncluding": "r27.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:*:*:*:*:*:*:*:*",
"matchCriteriaId": "583E7A18-48C5-4AEE-A9C1-239D678E275A",
"versionEndIncluding": "r28.2.8",
"versionStartIncluding": "r28.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CF65201D-8980-450A-A542-3B5473A6F374",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E51D5AEF-B3D4-4782-9988-BC1DB3F3F296",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E179FC2F-C700-4998-9D7A-3B945874CAC1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2341D5E7-15CD-4C8F-ABE8-AA915BFA2804",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "474DC3BA-27F2-452A-85AD-BCC476EDD35B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "997CA07C-EBB7-4D7F-AF23-A161817BF4A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5BFE87FC-7B77-4840-8185-1707CB37323B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C77DD8B3-A227-4350-8699-FEC822119393",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA56704-18EB-4F3B-A36F-BCEF67B07C0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "420CC5FF-0300-4FA7-AB53-78C1A0B83C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "B7132A0E-C2A1-403E-9516-A6911563D7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:host_on-demand:11.0.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F32CA797-ED68-426E-9370-E16C90075E01",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_application_dependency_discovery_manager:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BB2F6EF3-721A-43AB-AAFD-BE3EEDB0AA61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*",
"matchCriteriaId": "F5027746-8216-452D-83C5-2F8E9546F2A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "40363692-5283-4D0C-BAE1-C049C02A0294",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:sterling_b2b_integrator:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F805BA3A-178D-416E-9DED-4258F71A17C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:sterling_file_gateway:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "9A40AC14-AC2B-4A0D-A9CC-3A00B48D8975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:sterling_file_gateway:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "1554D69E-D68E-46CA-B1F7-C24CAABF58E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F480AA32-841A-4E68-9343-B2E7548B0A0C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*",
"matchCriteriaId": "E492C463-D76E-49B7-A4D4-3B499E422D89",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:ibm:i:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C684FC45-C9BA-4EF0-BD06-BB289450DD21",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:-:*",
"matchCriteriaId": "F5027746-8216-452D-83C5-2F8E9546F2A5",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*",
"matchCriteriaId": "4339DE06-19FB-4B8E-B6AE-3495F605AD05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_java:10:sp4:*:*:*:*:*:*",
"matchCriteriaId": "3CF5C5B9-2CB9-4CD8-B94F-A674ED909CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_java:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "252CF7A7-3FEB-4503-AEE8-B67139C5B0D5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_java:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "79D7DBBA-6849-45F7-AFEF-C765569C481A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_sdk:11:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2C634990-2690-4E3B-B21F-6687A6A34644",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_sdk:11:sp3:*:*:*:*:*:*",
"matchCriteriaId": "73B7BC23-6CCA-41B2-8F61-EDB95F1AFB1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*",
"matchCriteriaId": "4CD2D897-E321-4CED-92E0-11A98B52053C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:ltss:*:*:*",
"matchCriteriaId": "CED02712-1031-4206-AC4D-E68710F46EC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:-:*:*:*",
"matchCriteriaId": "D1D7B467-58DD-45F1-9F1F-632620DF072A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:-:*:*",
"matchCriteriaId": "88D6E858-FD8F-4C55-B7D5-CEEDA2BBA898",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:*:vmware:*:*",
"matchCriteriaId": "DB4D6749-81A1-41D7-BF4F-1C45A7F49A22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*",
"matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*",
"matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*",
"matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*",
"matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
"matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:xerces2_java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CFD62E4-794A-43C0-8C65-A44D970D1569",
"versionEndExcluding": "2.12.0",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
},
{
"lang": "es",
"value": "XMLscanner.java en Apache Xerces2 Java Parser, en versiones anteriores a la 2.12.0, tal y como se emple\u00f3 en Java Runtime Environment (JRE) en IBM Java, en versiones 5.0 anteriores a la 5.0 SR16-FP3, 6 anteriores a la 6 SR14, 6.0.1 anteriores a la 6.0.1 SR6 y 7 anteriores a la 7 SR5, as\u00ed como en Oracle Java SE 7u40 y anteriores, Java SE 6u60 y anteriores, Java SE 5.0u51 y anteriores, JRockit R28.2.8 y anteriores, JRockit R27.7.6 y anteriores, Java SE Embedded 7u40 y anteriores y, posiblemente, otros productos, permite que los atacantes remotos realicen una denegaci\u00f3n de servicio (DoS) mediante vectores relacionados con los nombres de atributo XML."
}
],
"id": "CVE-2013-4002",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-23T11:03:19.790",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/56257"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Broken Link"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/61310"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
},
{
"source": "psirt@us.ibm.com",
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"source": "psirt@us.ibm.com",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "psirt@us.ibm.com",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "psirt@us.ibm.com",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Mailing List"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Mailing List",
"Third Party Advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/56257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/61310"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry",
"Vendor Advisory"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Vendor Advisory"
],
"url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-12-02 01:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 before SR7 FP1 (7.0.7.1), 6 R1 before SR8 FP1 (6.1.8.1), 6 before SR16 FP1 (6.0.16.1), and before 5.0 SR16 FP7 (5.0.16.7) allows attackers to obtain the private key from a Certificate Management System (CMS) keystore via a brute force attack.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | java | 5.0.0.0 | |
| ibm | java | 5.0.11.0 | |
| ibm | java | 5.0.11.1 | |
| ibm | java | 5.0.11.2 | |
| ibm | java | 5.0.12.0 | |
| ibm | java | 5.0.12.1 | |
| ibm | java | 5.0.12.2 | |
| ibm | java | 5.0.12.3 | |
| ibm | java | 5.0.12.4 | |
| ibm | java | 5.0.12.5 | |
| ibm | java | 5.0.13.0 | |
| ibm | java | 5.0.14.0 | |
| ibm | java | 5.0.15.0 | |
| ibm | java | 5.0.16.0 | |
| ibm | java | 5.0.16.1 | |
| ibm | java | 5.0.16.2 | |
| ibm | java | 5.0.16.3 | |
| ibm | java | 6.0.0.0 | |
| ibm | java | 6.0.1.0 | |
| ibm | java | 6.0.2.0 | |
| ibm | java | 6.0.3.0 | |
| ibm | java | 6.0.4.0 | |
| ibm | java | 6.0.5.0 | |
| ibm | java | 6.0.6.0 | |
| ibm | java | 6.0.7.0 | |
| ibm | java | 6.0.8.0 | |
| ibm | java | 6.0.8.1 | |
| ibm | java | 6.0.9.0 | |
| ibm | java | 6.0.9.1 | |
| ibm | java | 6.0.9.2 | |
| ibm | java | 6.0.10.0 | |
| ibm | java | 6.0.10.1 | |
| ibm | java | 6.0.11.0 | |
| ibm | java | 6.0.12.0 | |
| ibm | java | 6.0.13.0 | |
| ibm | java | 6.0.13.1 | |
| ibm | java | 6.0.13.2 | |
| ibm | java | 6.0.14.0 | |
| ibm | java | 7.0.0.0 | |
| ibm | java | 7.0.1.0 | |
| ibm | java | 7.0.2.0 | |
| ibm | java | 7.0.3.0 | |
| ibm | java | 7.0.4.0 | |
| ibm | java | 7.0.4.1 | |
| ibm | java | 7.0.4.2 | |
| ibm | java | 7.0.5.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A18121C3-F3F1-4EC7-A64E-3F6A0C9788C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD59912-7325-4AE1-ACCF-D4F804AF3947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62783157-E3B6-4A23-8D2F-1FBD0762E9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14CC0D53-8AB8-4D44-82BB-0E6A974C36AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A3129F-17A6-4F32-BD5D-34E4A1D1A840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2845FF4-2620-4B8D-96CF-CC26B3DEA3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7CD279-54B6-4F6B-AE14-299FB319C690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA269CA-4676-4008-89EF-20FAB89886A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D22105B6-1378-4E1C-B28A-FCAE00A2D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "601762D3-1188-4945-931D-EB8DAC2847A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4A30A6-498C-46B8-8EFC-45EB13354EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "414CC00A-C797-4C34-8709-75DC061DCDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4401B967-0550-44F1-8753-9632120D2A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4961693D-F56C-46CD-B721-6A15E2837C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4FBB66-CF6A-42D2-B122-1861F4139E75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0E4B1DD6-3056-4FA8-8203-CCD8036FBD4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25C58BBA-06AC-40CD-A906-FD1B3B0AAB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C5B430-EE11-4674-B4B0-895D66E3B32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1837D84-6B4F-40D8-9A3F-71C328F659BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D20A369B-2168-4883-A84C-BB48A71AFB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3628AAB4-E524-46E5-AAF4-1980256F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30DC9FE3-CDE9-4F83-989B-4E431BA18B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17B1C6B-04CE-49FB-B9BD-98ECD626B26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81F529EB-2BCA-4E3E-93E4-2A9880CDA367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEAC3D6-F9F8-4F82-9BF1-FF0EC07A3274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7694638C-CDAC-44DF-B9F9-F7237CD98017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23903A3C-1760-4836-BAE6-BDD32CBB4CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2477E033-D26B-4D71-839B-5FE4B0927559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CAB7BF-265E-411D-A584-E78DE171F065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E45F670-232F-4CE5-8926-6463E5619506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B70E6E3-15B3-4D48-AE49-B9184A58EECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5BCE3FD-B89B-4141-8103-9DB941AD60D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EADFB3B-738F-4919-B165-9ECEED46EA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B23A5431-E599-4848-AB83-B299898F5EF0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FAE5E9B-3CF5-40E5-A551-1AFD6BD07A2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C76B9DFD-7259-423A-8CFC-A898E74897AE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 before SR7 FP1 (7.0.7.1), 6 R1 before SR8 FP1 (6.1.8.1), 6 before SR16 FP1 (6.0.16.1), and before 5.0 SR16 FP7 (5.0.16.7) allows attackers to obtain the private key from a Certificate Management System (CMS) keystore via a brute force attack."
},
{
"lang": "es",
"value": "IBM Java Runtime Environment (JRE) 7 R1 anterior a SR1 FP1 (7.1.1.1), 7 anterior a SR7 FP1 (7.0.7.1), 6 R1 anterior a SR8 FP1 (6.1.8.1), 6 anterior a SR16 FP1 (6.0.16.1), y anterior a 5.0 SR16 FP7 (5.0.16.7) permite a atacantes obtener la clave privada de un almac\u00e9n de claves del sistema de gesti\u00f3n de certificados \u0027Certificate Management System (CMS)\u0027 a trav\u00e9s de un ataque de fuerza bruta."
}
],
"id": "CVE-2014-3068",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-12-02T01:59:02.577",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66876"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66894"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"source": "psirt@us.ibm.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164201"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66876"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66894"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93756"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-255"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-02 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vectors related to the Java Virtual Machine.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D291505-B2CB-48F6-B4B9-8343DB71B4A2",
"versionEndExcluding": "5.0.16.10",
"versionStartIncluding": "5.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "34A916D0-0419-47B4-91D7-3E1E74233DEC",
"versionEndExcluding": "6.0.16.4",
"versionStartIncluding": "6.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE2C442C-B649-4BEE-A228-467597CCA5F7",
"versionEndExcluding": "6.1.8.4",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2A22DE1A-87C0-42EE-85ED-368F168D4DAF",
"versionEndExcluding": "7.0.9.0",
"versionStartIncluding": "7.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A058B1EB-3B24-430C-A278-7ABF45262756",
"versionEndExcluding": "7.1.3.0",
"versionStartIncluding": "7.1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass \"permission checks\" and obtain sensitive information via vectors related to the Java Virtual Machine."
},
{
"lang": "es",
"value": "IBM Java 7 R1 anterior a SR3, 7 anterior a SR9, 6 R1 anterior a SR8 FP4, 6 anterior a SR16 FP4, y 5.0 anterior a SR16 FP10 permite a atacantes remotos evadir \u0027comprobaciones de permisos\u0027 y obtener informaci\u00f3n sensible a trav\u00e9s de vectores relacionados con Java Virtual Machine."
}
],
"id": "CVE-2015-1914",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-02T21:59:01.377",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74645"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/74645"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-11-24 18:55
Modified
2025-04-11 00:51
Severity ?
Summary
Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Java SDK 7.0.0 anteriores a SR7 permite a atacantes remotos ejecutar c\u00f3digo de forma arbitraria a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2013-5458",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-11-24T18:55:04.337",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51328"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88257"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/56338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88257"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-07-02 21:59
Modified
2025-04-12 10:46
Severity ?
Summary
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0D291505-B2CB-48F6-B4B9-8343DB71B4A2",
"versionEndExcluding": "5.0.16.10",
"versionStartIncluding": "5.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE38ADC0-5602-4620-85F3-76BEACF062BD",
"versionEndIncluding": "6.0.16.4",
"versionStartIncluding": "6.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FE2C442C-B649-4BEE-A228-467597CCA5F7",
"versionEndExcluding": "6.1.8.4",
"versionStartIncluding": "6.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F07FC23E-5B2C-418B-9243-4CCBCEFCFC50",
"versionEndIncluding": "7.0.9",
"versionStartIncluding": "7.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C77320D0-9B9F-44AC-9C4F-9A2C77795C95",
"versionEndExcluding": "7.1.2.11",
"versionStartIncluding": "7.1.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A407ADCE-EDA3-46B7-AE72-EF37B1C023A0",
"versionEndExcluding": "8.0.1.0",
"versionStartIncluding": "8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "16E6D998-B41D-4B49-9E00-8336D2E40A4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C18E3368-8980-45D2-AD3F-5BF385ABA693",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0E8CD4EF-DC90-40BB-A721-6EC087507906",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
"matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*",
"matchCriteriaId": "35BBD83D-BDC7-4678-BE94-639F59281139",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*",
"matchCriteriaId": "67960FB9-13D1-4DEE-8158-31BF31BCBE6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*",
"matchCriteriaId": "CB6476C7-03F2-4939-AB85-69AA524516D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:*:*:*:*",
"matchCriteriaId": "F922115C-1907-4F65-9F23-3E63A8BCD4A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*",
"matchCriteriaId": "DB2A1559-651C-46B0-B436-8E03DC8A60D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en IBM Java 8 anterior a SR1, 7 R1 anterior a SR2 FP11, 7 anterior a SR9, 6 R1 anterior a SR8 FP4, 6 anterior a SR16 FP4, y 5.0 anterior a SR16 FP10 permite a atacantes remotos ganar privilegios a trav\u00e9s de vectores desconocidos relacionados con Java Virtual Machine."
}
],
"id": "CVE-2015-0192",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-02T21:59:00.063",
"references": [
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-07-23 11:03
Modified
2025-04-11 00:51
Severity ?
Summary
The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the invoke method of the java.lang.reflect.Method class, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to the AccessController doPrivileged block.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | java | 1.4.2 | |
| ibm | java | 1.4.2.13 | |
| ibm | java | 1.4.2.13.1 | |
| ibm | java | 1.4.2.13.2 | |
| ibm | java | 1.4.2.13.3 | |
| ibm | java | 1.4.2.13.4 | |
| ibm | java | 1.4.2.13.5 | |
| ibm | java | 1.4.2.13.6 | |
| ibm | java | 1.4.2.13.7 | |
| ibm | java | 1.4.2.13.8 | |
| ibm | java | 1.4.2.13.9 | |
| ibm | java | 1.4.2.13.10 | |
| ibm | java | 1.4.2.13.11 | |
| ibm | java | 1.4.2.13.12 | |
| ibm | java | 1.4.2.13.13 | |
| ibm | java | 1.4.2.13.14 | |
| ibm | java | 1.4.2.13.15 | |
| ibm | java | 1.4.2.13.16 | |
| ibm | java | 1.4.2.13.17 | |
| ibm | java | 7.0.0.0 | |
| ibm | java | 7.0.1.0 | |
| ibm | java | 7.0.2.0 | |
| ibm | java | 7.0.3.0 | |
| ibm | java | 7.0.4.0 | |
| ibm | java | 7.0.4.1 | |
| ibm | java | 7.0.4.2 | |
| ibm | java | 6.0.0.0 | |
| ibm | java | 6.0.1.0 | |
| ibm | java | 6.0.2.0 | |
| ibm | java | 6.0.3.0 | |
| ibm | java | 6.0.4.0 | |
| ibm | java | 6.0.5.0 | |
| ibm | java | 6.0.6.0 | |
| ibm | java | 6.0.7.0 | |
| ibm | java | 6.0.8.0 | |
| ibm | java | 6.0.8.1 | |
| ibm | java | 6.0.9.0 | |
| ibm | java | 6.0.9.1 | |
| ibm | java | 6.0.9.2 | |
| ibm | java | 6.0.10.0 | |
| ibm | java | 6.0.10.1 | |
| ibm | java | 6.0.11.0 | |
| ibm | java | 6.0.12.0 | |
| ibm | java | 6.0.13.0 | |
| ibm | java | 6.0.13.1 | |
| ibm | java | 6.0.13.2 | |
| ibm | java | 5.0.0.0 | |
| ibm | java | 5.0.11.0 | |
| ibm | java | 5.0.11.1 | |
| ibm | java | 5.0.11.2 | |
| ibm | java | 5.0.12.0 | |
| ibm | java | 5.0.12.1 | |
| ibm | java | 5.0.12.2 | |
| ibm | java | 5.0.12.3 | |
| ibm | java | 5.0.12.4 | |
| ibm | java | 5.0.12.5 | |
| ibm | java | 5.0.13.0 | |
| ibm | java | 5.0.14.0 | |
| ibm | java | 5.0.15.0 | |
| ibm | java | 5.0.16.0 | |
| ibm | java | 5.0.16.1 | |
| ibm | java | 5.0.16.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "82F48415-7D29-488D-B0F0-21BBF67A8025",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13:*:*:*:*:*:*:*",
"matchCriteriaId": "429E0F9B-63D2-46C1-9BB3-C0B91FC5A0B8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7D454628-6074-42C5-B2F4-8ABC5597746E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BC71A3DD-E08E-41FF-8443-5A75AD9F4FB1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E09B43A6-87FB-4ECA-B837-469AA63FCED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.4:*:*:*:*:*:*:*",
"matchCriteriaId": "55BD6A1E-8043-43AA-980D-8A277CE3CDB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8549B650-7862-4C3B-8F26-8D9EC490000E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.6:*:*:*:*:*:*:*",
"matchCriteriaId": "89D960CA-0065-44FE-83C4-F02119FEA7CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F2F28E80-A2FE-4985-8D02-06E6E10D8186",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.8:*:*:*:*:*:*:*",
"matchCriteriaId": "E484DE96-7DDE-4B49-B6CF-E4A4F22BDA5F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.9:*:*:*:*:*:*:*",
"matchCriteriaId": "F6EA48C2-7EF8-4E2E-A366-DE53B73029F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.10:*:*:*:*:*:*:*",
"matchCriteriaId": "7EF5408C-D5CA-4404-9268-D0C26325FDD4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.11:*:*:*:*:*:*:*",
"matchCriteriaId": "6515717B-2DBF-4D91-BA6F-8BD77DE860F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.12:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5E269F-A5F5-40D9-8FF2-8FAAD73AFA32",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.13:*:*:*:*:*:*:*",
"matchCriteriaId": "95CB9215-CB52-484A-A67A-C7C2CBA8F68D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.14:*:*:*:*:*:*:*",
"matchCriteriaId": "6944A8CC-B4E5-4F1F-BA71-384D7EE074B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.15:*:*:*:*:*:*:*",
"matchCriteriaId": "7D8146AC-57A3-4FB3-A384-DD3B00133E69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.16:*:*:*:*:*:*:*",
"matchCriteriaId": "5803B80C-3169-45ED-B5C9-095C032778A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:1.4.2.13.17:*:*:*:*:*:*:*",
"matchCriteriaId": "DD37B25A-3306-4FD2-84D4-EDDAA3236C12",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "25C58BBA-06AC-40CD-A906-FD1B3B0AAB69",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76C5B430-EE11-4674-B4B0-895D66E3B32F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B1837D84-6B4F-40D8-9A3F-71C328F659BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D20A369B-2168-4883-A84C-BB48A71AFB33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3628AAB4-E524-46E5-AAF4-1980256F13CE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30DC9FE3-CDE9-4F83-989B-4E431BA18B56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C17B1C6B-04CE-49FB-B9BD-98ECD626B26F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "81F529EB-2BCA-4E3E-93E4-2A9880CDA367",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEAC3D6-F9F8-4F82-9BF1-FF0EC07A3274",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7694638C-CDAC-44DF-B9F9-F7237CD98017",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*",
"matchCriteriaId": "23903A3C-1760-4836-BAE6-BDD32CBB4CBD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2477E033-D26B-4D71-839B-5FE4B0927559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B1CAB7BF-265E-411D-A584-E78DE171F065",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4E45F670-232F-4CE5-8926-6463E5619506",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5B70E6E3-15B3-4D48-AE49-B9184A58EECE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D5BCE3FD-B89B-4141-8103-9DB941AD60D0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8EADFB3B-738F-4919-B165-9ECEED46EA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B23A5431-E599-4848-AB83-B299898F5EF0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A18121C3-F3F1-4EC7-A64E-3F6A0C9788C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*",
"matchCriteriaId": "BAD59912-7325-4AE1-ACCF-D4F804AF3947",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*",
"matchCriteriaId": "62783157-E3B6-4A23-8D2F-1FBD0762E9A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14CC0D53-8AB8-4D44-82BB-0E6A974C36AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "91A3129F-17A6-4F32-BD5D-34E4A1D1A840",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E2845FF4-2620-4B8D-96CF-CC26B3DEA3C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7CD279-54B6-4F6B-AE14-299FB319C690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0EA269CA-4676-4008-89EF-20FAB89886A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "D22105B6-1378-4E1C-B28A-FCAE00A2D5CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*",
"matchCriteriaId": "601762D3-1188-4945-931D-EB8DAC2847A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FA4A30A6-498C-46B8-8EFC-45EB13354EAF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*",
"matchCriteriaId": "414CC00A-C797-4C34-8709-75DC061DCDE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*",
"matchCriteriaId": "4401B967-0550-44F1-8753-9632120D2A44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4961693D-F56C-46CD-B721-6A15E2837C17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AA4FBB66-CF6A-42D2-B122-1861F4139E75",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the invoke method of the java.lang.reflect.Method class, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to the AccessController doPrivileged block."
},
{
"lang": "es",
"value": "La clase com.ibm.CORBA.iiop.ClientDelegate en IBM Java 1.4.2 en vesiones anteriores a 1.4.2 SR13-FP18, 5.0 en vesiones anteriores a 5.0 SR16-FP3, 6 en vesiones anteriores a 6 SR14, 6.0.1 en vesiones anteriores a 6.0.1 SR6 y 7 en vesiones anteriores a 7 SR5 expone de manera incorrecta el m\u00e9todo invocado de la clase java.lang.reflect.Method, lo que permite a atacantes remotos hacer llamar a setSecurityManager y eludir un mecanismo de protecci\u00f3n de sandbox a trav\u00e9s de vectores relacionados con el bloque AccessController doPrivileged."
}
],
"id": "CVE-2013-3009",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-07-23T11:03:19.693",
"references": [
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"source": "psirt@us.ibm.com",
"url": "http://seclists.org/fulldisclosure/2016/Apr/20"
},
{
"source": "psirt@us.ibm.com",
"url": "http://seclists.org/fulldisclosure/2016/Apr/3"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44792"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90118"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91727"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "psirt@us.ibm.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-2.pdf"
},
{
"source": "psirt@us.ibm.com",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf"
},
{
"source": "psirt@us.ibm.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84150"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/Apr/20"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://seclists.org/fulldisclosure/2016/Apr/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/54154"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44792"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91727"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-2.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84150"
}
],
"sourceIdentifier": "psirt@us.ibm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-4822 (GCVE-0-2012-4822)
Vulnerability from cvelistv5
Published
2013-01-11 00:00
Modified
2024-08-06 20:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to "insecure use [of] multiple methods in the java.lang.class class."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:16.938Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "IV29665",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
},
{
"name": "55495",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"name": "ibm-java-jlc-code-execution(78766)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51327"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "RHSA-2012:1467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "RHSA-2012:1465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"name": "51328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51328"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51634"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "51393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51393"
},
{
"name": "51326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51326"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to \"insecure use [of] multiple methods in the java.lang.class class.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2012:1466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "IV29665",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
},
{
"name": "55495",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"name": "ibm-java-jlc-code-execution(78766)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51327"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "RHSA-2012:1467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "RHSA-2012:1465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"name": "51328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51328"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51634"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "51393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51393"
},
{
"name": "51326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51326"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-4822",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via vectors related to \"insecure use [of] multiple methods in the java.lang.class class.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2012:1466",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "IV29665",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29665"
},
{
"name": "55495",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55495"
},
{
"name": "ibm-java-jlc-code-execution(78766)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78766"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51327"
},
{
"name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
"refsource": "CONFIRM",
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "RHSA-2012:1467",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "RHSA-2012:1465",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"name": "51328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51328"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51634"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "RHSA-2013:1456",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "51393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51393"
},
{
"name": "51326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51326"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-4822",
"datePublished": "2013-01-11T00:00:00",
"dateReserved": "2012-09-06T00:00:00",
"dateUpdated": "2024-08-06T20:50:16.938Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4820 (GCVE-0-2012-4820)
Vulnerability from cvelistv5
Published
2013-01-11 00:00
Modified
2024-08-06 20:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to "insecure use of the java.lang.reflect.Method invoke() method."
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:17.367Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "55495",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51327"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "ibm-java-invoke-code-execution(78764)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
},
{
"name": "RHSA-2012:1467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "RHSA-2012:1465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"name": "51328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51328"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51634"
},
{
"name": "IV29654",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "51393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51393"
},
{
"name": "51326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51326"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to \"insecure use of the java.lang.reflect.Method invoke() method.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2012:1466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "55495",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51327"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "ibm-java-invoke-code-execution(78764)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
},
{
"name": "RHSA-2012:1467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "RHSA-2012:1465",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"name": "51328",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51328"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51634"
},
{
"name": "IV29654",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "51393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51393"
},
{
"name": "51326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51326"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-4820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, when running under a security manager, allows remote attackers to gain privileges by modifying or removing the security manager via vectors related to \"insecure use of the java.lang.reflect.Method invoke() method.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2012:1466",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "55495",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55495"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21631786"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51327"
},
{
"name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
"refsource": "CONFIRM",
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "ibm-java-invoke-code-execution(78764)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78764"
},
{
"name": "RHSA-2012:1467",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "RHSA-2012:1465",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1465.html"
},
{
"name": "51328",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51328"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51634"
},
{
"name": "IV29654",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29654"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "RHSA-2013:1456",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "51393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51393"
},
{
"name": "51326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51326"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-4820",
"datePublished": "2013-01-11T00:00:00",
"dateReserved": "2012-09-06T00:00:00",
"dateUpdated": "2024-08-06T20:50:17.367Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5458 (GCVE-0-2013-5458)
Vulnerability from cvelistv5
Published
2013-11-24 18:00
Modified
2024-08-06 17:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:20.197Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IV51328",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51328"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "ibm-java-cve20135458-code-exec(88257)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88257"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IV51328",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51328"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "ibm-java-cve20135458-code-exec(88257)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88257"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-5458",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV51328",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51328"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "ibm-java-cve20135458-code-exec(88257)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88257"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-5458",
"datePublished": "2013-11-24T18:00:00",
"dateReserved": "2013-08-22T00:00:00",
"dateUpdated": "2024-08-06T17:15:20.197Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5456 (GCVE-0-2013-5456)
Vulnerability from cvelistv5
Published
2013-11-24 18:00
Modified
2024-08-06 17:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged block.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:20.186Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IV51329",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51329"
},
{
"name": "ibm-java-cve20135456-code-exec(88255)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88255"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-3.pdf"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-5.pdf"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged block."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IV51329",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51329"
},
{
"name": "ibm-java-cve20135456-code-exec(88255)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88255"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-3.pdf"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-5.pdf"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-5456",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged block."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV51329",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51329"
},
{
"name": "ibm-java-cve20135456-code-exec(88255)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88255"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "http://www.security-explorations.com/materials/SE-2012-01-IBM-3.pdf",
"refsource": "MISC",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-3.pdf"
},
{
"name": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "http://www.security-explorations.com/materials/SE-2012-01-IBM-5.pdf",
"refsource": "MISC",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-5.pdf"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-5456",
"datePublished": "2013-11-24T18:00:00",
"dateReserved": "2013-08-22T00:00:00",
"dateUpdated": "2024-08-06T17:15:20.186Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-0485 (GCVE-0-2013-0485)
Vulnerability from cvelistv5
Published
2014-01-21 18:00
Modified
2024-08-06 14:25
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:25:10.427Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j532/fixes.html#SR16FP1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j732/Java7.fixes.html#SR4FP1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j664/Java6_64.fixes.html#SR13FP1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/aix/142_64/fixes.html#SR13FP16"
},
{
"name": "SUSE-SU-2013:0701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=950072"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-05-10T14:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j532/fixes.html#SR16FP1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j732/Java7.fixes.html#SR4FP1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j664/Java6_64.fixes.html#SR13FP1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/aix/142_64/fixes.html#SR13FP16"
},
{
"name": "SUSE-SU-2013:0701",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=950072"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-0485",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Java SDK 7 before SR4-FP1, 6 before SR13-FP1, 5.0 before SR16-FP1, and 1.4.2 before SR13-FP16 has unknown impact and attack vectors related to Class Libraries."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/developerworks/java/jdk/aix/j532/fixes.html#SR16FP1",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j532/fixes.html#SR16FP1"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/aix/j732/Java7.fixes.html#SR4FP1",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j732/Java7.fixes.html#SR4FP1"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/aix/j664/Java6_64.fixes.html#SR13FP1",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/j664/Java6_64.fixes.html#SR13FP1"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/aix/142_64/fixes.html#SR13FP16",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/aix/142_64/fixes.html#SR13FP16"
},
{
"name": "SUSE-SU-2013:0701",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=950072",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=950072"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-0485",
"datePublished": "2014-01-21T18:00:00",
"dateReserved": "2012-12-16T00:00:00",
"dateUpdated": "2024-08-06T14:25:10.427Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3009 (GCVE-0-2013-3009)
Vulnerability from cvelistv5
Published
2013-07-23 10:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the invoke method of the java.lang.reflect.Method class, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to the AccessController doPrivileged block.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.832Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-2.pdf"
},
{
"name": "SUSE-SU-2013:1264",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54154"
},
{
"name": "IV44792",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44792"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf"
},
{
"name": "SUSE-SU-2013:1263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "ibm-java-cve20133009(84150)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84150"
},
{
"name": "20160405 Re: [SE-2012-01] Broken security fix in IBM Java 7/8",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Apr/20"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "IX90118",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90118"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "SUSE-SU-2013:1293",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "20160404 [SE-2012-01] Broken security fix in IBM Java 7/8",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Apr/3"
},
{
"name": "SUSE-SU-2013:1255",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "PM91727",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91727"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "SUSE-SU-2013:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the invoke method of the java.lang.reflect.Method class, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to the AccessController doPrivileged block."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-28T14:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-2.pdf"
},
{
"name": "SUSE-SU-2013:1264",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54154"
},
{
"name": "IV44792",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44792"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf"
},
{
"name": "SUSE-SU-2013:1263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "ibm-java-cve20133009(84150)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84150"
},
{
"name": "20160405 Re: [SE-2012-01] Broken security fix in IBM Java 7/8",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Apr/20"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "IX90118",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90118"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "SUSE-SU-2013:1293",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "20160404 [SE-2012-01] Broken security fix in IBM Java 7/8",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2016/Apr/3"
},
{
"name": "SUSE-SU-2013:1255",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "PM91727",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91727"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "SUSE-SU-2013:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3009",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the invoke method of the java.lang.reflect.Method class, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to the AccessController doPrivileged block."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1060",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "http://www.security-explorations.com/materials/SE-2012-01-IBM-2.pdf",
"refsource": "MISC",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-2.pdf"
},
{
"name": "SUSE-SU-2013:1264",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"name": "SUSE-SU-2013:1257",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54154"
},
{
"name": "IV44792",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44792"
},
{
"name": "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf",
"refsource": "MISC",
"url": "http://www.security-explorations.com/materials/SE-2012-01-IBM-4.pdf"
},
{
"name": "SUSE-SU-2013:1263",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "ibm-java-cve20133009(84150)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84150"
},
{
"name": "20160405 Re: [SE-2012-01] Broken security fix in IBM Java 7/8",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Apr/20"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "IX90118",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90118"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "SUSE-SU-2013:1293",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "20160404 [SE-2012-01] Broken security fix in IBM Java 7/8",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2016/Apr/3"
},
{
"name": "SUSE-SU-2013:1255",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "PM91727",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91727"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "SUSE-SU-2013:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3009",
"datePublished": "2013-07-23T10:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.832Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4002 (GCVE-0-2013-4002)
Vulnerability from cvelistv5
Published
2013-07-23 10:00
Modified
2024-08-06 16:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.315Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IC98015",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
},
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2015:0765",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "RHSA-2015:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"name": "61310",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/61310"
},
{
"name": "RHSA-2015:0773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
},
{
"name": "RHSA-2015:0720",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "RHSA-2014:1822",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
},
{
"name": "56257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56257"
},
{
"name": "SUSE-SU-2013:1263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "RHSA-2014:1823",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "SUSE-SU-2013:1293",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"name": "SUSE-SU-2013:1255",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "RHSA-2014:1818",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
},
{
"name": "RHSA-2014:1821",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
},
{
"name": "SUSE-SU-2013:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"name": "ibm-java-cve20134002-dos(85260)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-04-19T23:19:06",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IC98015",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
},
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "RHSA-2014:0414",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2015:0765",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"name": "RHSA-2013:1440",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "RHSA-2015:0675",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"name": "61310",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/61310"
},
{
"name": "RHSA-2015:0773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
},
{
"name": "RHSA-2015:0720",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "USN-2033-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "HPSBUX02944",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "HPSBUX02943",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "RHSA-2014:1822",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
},
{
"name": "56257",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56257"
},
{
"name": "SUSE-SU-2013:1263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "RHSA-2014:1823",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
},
{
"name": "openSUSE-SU-2013:1663",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "SUSE-SU-2013:1293",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73%40%3Cj-users.xerces.apache.org%3E"
},
{
"name": "SUSE-SU-2013:1255",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "RHSA-2013:1451",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "RHSA-2014:1818",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
},
{
"name": "RHSA-2014:1821",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
},
{
"name": "SUSE-SU-2013:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"name": "ibm-java-cve20134002-dos(85260)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451%40%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5%40%3Csolr-user.lucene.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT5982"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-4002",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "XMLscanner.java in Apache Xerces2 Java Parser before 2.12.0, as used in the Java Runtime Environment (JRE) in IBM Java 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 as well as Oracle Java SE 7u40 and earlier, Java SE 6u60 and earlier, Java SE 5.0u51 and earlier, JRockit R28.2.8 and earlier, JRockit R27.7.6 and earlier, Java SE Embedded 7u40 and earlier, and possibly other products allows remote attackers to cause a denial of service via vectors related to XML attribute names."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IC98015",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC98015"
},
{
"name": "RHSA-2013:1060",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "RHSA-2014:0414",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2014:0414"
},
{
"name": "GLSA-201406-32",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-201406-32.xml"
},
{
"name": "RHSA-2013:1447",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1447.html"
},
{
"name": "RHSA-2015:0765",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"
},
{
"name": "RHSA-2013:1440",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1440.html"
},
{
"name": "RHSA-2015:0675",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"
},
{
"name": "61310",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/61310"
},
{
"name": "RHSA-2015:0773",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0773.html"
},
{
"name": "RHSA-2015:0720",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"
},
{
"name": "SUSE-SU-2013:1257",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "USN-2033-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2033-1"
},
{
"name": "USN-2089-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2089-1"
},
{
"name": "SUSE-SU-2013:1256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "HPSBUX02944",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674073720143\u0026w=2"
},
{
"name": "RHSA-2013:1505",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1505.html"
},
{
"name": "HPSBUX02943",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=138674031212883\u0026w=2"
},
{
"name": "RHSA-2014:1822",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1822.html"
},
{
"name": "56257",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56257"
},
{
"name": "SUSE-SU-2013:1263",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "RHSA-2014:1823",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1823.html"
},
{
"name": "openSUSE-SU-2013:1663",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-11/msg00023.html"
},
{
"name": "SUSE-SU-2013:1666",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00010.html"
},
{
"name": "APPLE-SA-2013-10-15-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2013/Oct/msg00001.html"
},
{
"name": "SUSE-SU-2013:1293",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "[j-users] 20180503 [ANNOUNCEMENT]: Apache Xerces-J 2.12.0 now available",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/49dc6702104a86ecbb40292dcd329ce9ae4c32b74733199ecab14a73@%3Cj-users.xerces.apache.org%3E"
},
{
"name": "SUSE-SU-2013:1255",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "RHSA-2013:1451",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1451.html"
},
{
"name": "RHSA-2014:1818",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1818.html"
},
{
"name": "RHSA-2014:1821",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1821.html"
},
{
"name": "SUSE-SU-2013:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
},
{
"name": "ibm-java-cve20134002-dos(85260)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85260"
},
{
"name": "[lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/708d94141126eac03011144a971a6411fcac16d9c248d1d535a39451@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "[lucene-solr-user] 20200320 CVEs (vulnerabilities) that apply to Solr 8.4.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r204ba2a9ea750f38d789d2bb429cc0925ad6133deea7cbc3001d96b5@%3Csolr-user.lucene.apache.org%3E"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2022.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2022.html"
},
{
"name": "http://www.ibm.com/support/docview.wss?uid=swg21648172",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/support/docview.wss?uid=swg21648172"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21657539"
},
{
"name": "https://issues.apache.org/jira/browse/XERCESJ-1679",
"refsource": "CONFIRM",
"url": "https://issues.apache.org/jira/browse/XERCESJ-1679"
},
{
"name": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch",
"refsource": "CONFIRM",
"url": "http://svn.apache.org/viewvc/xerces/java/trunk/src/org/apache/xerces/impl/XMLScanner.java?r1=965250\u0026r2=1499506\u0026view=patch"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21653371"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
"refsource": "MISC",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "http://support.apple.com/kb/HT5982",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT5982"
},
{
"name": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html"
},
{
"name": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_ibm_filenet_content_manager_and_ibm_content_foundation_xml_4j_denial_of_service_attack_cve_2013_4002"
},
{
"name": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html",
"refsource": "CONFIRM",
"url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS13-025/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-4002",
"datePublished": "2013-07-23T10:00:00",
"dateReserved": "2013-06-07T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.315Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1914 (GCVE-0-2015-1914)
Vulnerability from cvelistv5
Published
2015-07-02 21:16
Modified
2024-08-06 04:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vectors related to the Java Virtual Machine.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.525Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:1007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "IV72245",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
},
{
"name": "RHSA-2015:1006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "RHSA-2015:1091",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "SUSE-SU-2015:1138",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "RHSA-2015:1020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "SUSE-SU-2015:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "74645",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/74645"
},
{
"name": "SUSE-SU-2015:1085",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:1021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "SUSE-SU-2015:1073",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"name": "SUSE-SU-2015:1161",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"name": "IV72246",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass \"permission checks\" and obtain sensitive information via vectors related to the Java Virtual Machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2015:1007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "IV72245",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
},
{
"name": "RHSA-2015:1006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "RHSA-2015:1091",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "SUSE-SU-2015:1138",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "RHSA-2015:1020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "SUSE-SU-2015:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "74645",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/74645"
},
{
"name": "SUSE-SU-2015:1085",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:1021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "SUSE-SU-2015:1073",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"name": "SUSE-SU-2015:1161",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"name": "IV72246",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1914",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass \"permission checks\" and obtain sensitive information via vectors related to the Java Virtual Machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:1007",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "IV72245",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
},
{
"name": "RHSA-2015:1006",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "RHSA-2015:1091",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "SUSE-SU-2015:1138",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "RHSA-2015:1020",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "SUSE-SU-2015:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "74645",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/74645"
},
{
"name": "SUSE-SU-2015:1085",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:1021",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "SUSE-SU-2015:1073",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"name": "SUSE-SU-2015:1161",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
},
{
"name": "IV72246",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1914",
"datePublished": "2015-07-02T21:16:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.525Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5457 (GCVE-0-2013-5457)
Vulnerability from cvelistv5
Published
2013-11-24 18:00
Modified
2024-08-06 17:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:15:20.222Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "ibm-java-cve20135457-code-exec(88256)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88256"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "IV51334",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51334"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "ibm-java-cve20135457-code-exec(88256)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88256"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "IV51334",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51334"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-5457",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "ibm-java-cve20135457-code-exec(88256)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88256"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "IV51334",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51334"
},
{
"name": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-5457",
"datePublished": "2013-11-24T18:00:00",
"dateReserved": "2013-08-22T00:00:00",
"dateUpdated": "2024-08-06T17:15:20.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3006 (GCVE-0-2013-3006)
Vulnerability from cvelistv5
Published
2013-07-23 10:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.358Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54154"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "ibm-java-cve20133006(84147)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84147"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "IV44790",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44790"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54154"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "ibm-java-cve20133006(84147)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84147"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "IV44790",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44790"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3006",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3008."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1060",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "SUSE-SU-2013:1257",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54154"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "ibm-java-cve20133006(84147)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84147"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "IV44790",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44790"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3006",
"datePublished": "2013-07-23T10:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3007 (GCVE-0-2013-3007)
Vulnerability from cvelistv5
Published
2013-07-23 10:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54154"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "IX90117",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90117"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "ibm-java-cve20133007(84148)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84148"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54154"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "IX90117",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90117"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "ibm-java-cve20133007(84148)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84148"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3007",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1060",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "SUSE-SU-2013:1257",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54154"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "IX90117",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90117"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "ibm-java-cve20133007(84148)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84148"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3007",
"datePublished": "2013-07-23T10:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.359Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-30441 (GCVE-0-2023-30441)
Vulnerability from cvelistv5
Published
2023-04-29 14:40
Modified
2025-01-30 17:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Summary
IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T14:21:44.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6985011"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6987167"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6986637"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/6986617"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/253188"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-30441",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-30T17:01:16.734539Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-30T17:01:26.113Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Java",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "8.0.7.11",
"status": "affected",
"version": "8.0.7.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188."
}
],
"value": "IBM Runtime Environment, Java Technology Edition IBMJCEPlus and JSSE 8.0.7.0 through 8.0.7.11 components could expose sensitive information using a combination of flaws and configurations. IBM X-Force ID: 253188."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-29T14:40:40.263Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/6985011"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/6987167"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/6986637"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/6986617"
},
{
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/253188"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Java information disclosure",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2023-30441",
"datePublished": "2023-04-29T14:40:40.263Z",
"dateReserved": "2023-04-08T15:56:40.868Z",
"dateUpdated": "2025-01-30T17:01:26.113Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-3387 (GCVE-0-2011-3387)
Vulnerability from cvelistv5
Published
2011-09-02 23:00
Modified
2024-08-06 23:29
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.838Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-java-class-file-dos(69641)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69641"
},
{
"name": "PM42551",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
},
{
"name": "RHSA-2011:1265",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-06-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ibm-java-class-file-dos(69641)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69641"
},
{
"name": "PM42551",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
},
{
"name": "RHSA-2011:1265",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3387",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The class file parser in IBM Java 1.4.2 SR13 FP9 allows remote authenticated users to cause a denial of service (memory consumption or an infinite loop) via a crafted attribute length field in a class file, related to validation of a length field at the wrong time, a different vulnerability than CVE-2011-0311."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-java-class-file-dos(69641)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69641"
},
{
"name": "PM42551",
"refsource": "AIXAPAR",
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
},
{
"name": "RHSA-2011:1265",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-3387",
"datePublished": "2011-09-02T23:00:00",
"dateReserved": "2011-09-02T00:00:00",
"dateUpdated": "2024-08-06T23:29:56.838Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3010 (GCVE-0-2013-3010)
Vulnerability from cvelistv5
Published
2013-07-23 10:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3007.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "IX90119",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90119"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54154"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "ibm-java-cve20133010(84151)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84151"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3007."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "IX90119",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90119"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54154"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "ibm-java-cve20133010(84151)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84151"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3010",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 6.0.1 before 6.0.1 SR6 and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3007."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1060",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "IX90119",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IX90119"
},
{
"name": "SUSE-SU-2013:1257",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54154"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "ibm-java-cve20133010(84151)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84151"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3010",
"datePublished": "2013-07-23T10:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.587Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-5375 (GCVE-0-2013-5375)
Vulnerability from cvelistv5
Published
2013-11-24 18:00
Modified
2024-08-06 17:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T17:06:52.400Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IV51090",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090"
},
{
"name": "ibm-xslt-cve20135375-security-bypass(86901)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86901"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "IV51089",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IV51090",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090"
},
{
"name": "ibm-xslt-cve20135375-security-bypass(86901)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86901"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "IV51089",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-5375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV51090",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090"
},
{
"name": "ibm-xslt-cve20135375-security-bypass(86901)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86901"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
},
{
"name": "IV51089",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-5375",
"datePublished": "2013-11-24T18:00:00",
"dateReserved": "2013-08-22T00:00:00",
"dateUpdated": "2024-08-06T17:06:52.400Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4821 (GCVE-0-2012-4821)
Vulnerability from cvelistv5
Published
2013-01-11 00:00
Modified
2024-08-06 20:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via "insecure use" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:16.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"name": "ibm-java-gdm-sa-ce(78765)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "IV29659",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
},
{
"name": "55495",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "RHSA-2012:1467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51634"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "51326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51326"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via \"insecure use\" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"name": "ibm-java-gdm-sa-ce(78765)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "IV29659",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
},
{
"name": "55495",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "RHSA-2012:1467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51634"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "51326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51326"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-4821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allow remote attackers to execute arbitrary code via \"insecure use\" of the (1) java.lang.Class getDeclaredMethods or nd (2) java.lang.reflect.AccessibleObject setAccessible() methods."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"name": "ibm-java-gdm-sa-ce(78765)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78765"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "IV29659",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29659"
},
{
"name": "55495",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55495"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
"refsource": "CONFIRM",
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "RHSA-2012:1467",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51634"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "51326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51326"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-4821",
"datePublished": "2013-01-11T00:00:00",
"dateReserved": "2012-09-06T00:00:00",
"dateUpdated": "2024-08-06T20:50:16.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3065 (GCVE-0-2014-3065)
Vulnerability from cvelistv5
Published
2014-12-02 01:00
Modified
2024-08-06 10:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:55.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2014:1880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "IV66045",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "IV66044",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
},
{
"name": "RHSA-2014:1881",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "SUSE-SU-2014:1549",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SUSE-SU-2014:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "RHSA-2014:1882",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "71147",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/71147"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-03-16T16:57:00",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2014:1880",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1877",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "IV66045",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "IV66044",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
},
{
"name": "RHSA-2014:1881",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "SUSE-SU-2014:1549",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "SUSE-SU-2015:0376",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
},
{
"name": "SUSE-SU-2015:0392",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SUSE-SU-2014:1526",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "RHSA-2014:1882",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "71147",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/71147"
},
{
"name": "SUSE-SU-2015:0344",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2014:1880",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"name": "RHSA-2014:1877",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"name": "IV66045",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"name": "IV66044",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
},
{
"name": "RHSA-2014:1881",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"name": "SUSE-SU-2014:1549",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"name": "SUSE-SU-2015:0376",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"name": "RHSA-2014:1876",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
},
{
"name": "SUSE-SU-2015:0392",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"name": "SUSE-SU-2014:1526",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"name": "SUSE-SU-2015:0345",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"name": "RHSA-2014:1882",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"name": "71147",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/71147"
},
{
"name": "SUSE-SU-2015:0344",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3065",
"datePublished": "2014-12-02T01:00:00",
"dateReserved": "2014-04-29T00:00:00",
"dateUpdated": "2024-08-06T10:35:55.374Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-3068 (GCVE-0-2014-3068)
Vulnerability from cvelistv5
Published
2014-12-02 01:00
Modified
2024-08-06 10:35
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 before SR7 FP1 (7.0.7.1), 6 R1 before SR8 FP1 (6.1.8.1), 6 before SR16 FP1 (6.0.16.1), and before 5.0 SR16 FP7 (5.0.16.7) allows attackers to obtain the private key from a Certificate Management System (CMS) keystore via a brute force attack.
References
| ► | URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:35:55.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-ikeyman-cve20143068-info-disc(93756)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93756"
},
{
"name": "IV66876",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66876"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164201"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "IV66894",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66894"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 before SR7 FP1 (7.0.7.1), 6 R1 before SR8 FP1 (6.1.8.1), 6 before SR16 FP1 (6.0.16.1), and before 5.0 SR16 FP7 (5.0.16.7) allows attackers to obtain the private key from a Certificate Management System (CMS) keystore via a brute force attack."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-ikeyman-cve20143068-info-disc(93756)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93756"
},
{
"name": "IV66876",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66876"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164201"
},
{
"name": "RHSA-2015:0264",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "IV66894",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66894"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2014-3068",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Java Runtime Environment (JRE) 7 R1 before SR1 FP1 (7.1.1.1), 7 before SR7 FP1 (7.0.7.1), 6 R1 before SR8 FP1 (6.1.8.1), 6 before SR16 FP1 (6.0.16.1), and before 5.0 SR16 FP7 (5.0.16.7) allows attackers to obtain the private key from a Certificate Management System (CMS) keystore via a brute force attack."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-ikeyman-cve20143068-info-disc(93756)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/93756"
},
{
"name": "IV66876",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66876"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21691089"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1164201",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1164201"
},
{
"name": "RHSA-2015:0264",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"name": "IV66894",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66894"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2014-3068",
"datePublished": "2014-12-02T01:00:00",
"dateReserved": "2014-04-29T00:00:00",
"dateUpdated": "2024-08-06T10:35:55.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4823 (GCVE-0-2012-4823)
Vulnerability from cvelistv5
Published
2013-01-11 00:00
Modified
2024-08-06 20:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoder defineClass() method."
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:50:17.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2012:1466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "IV29687",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
},
{
"name": "55495",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51327"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "ibm-java-defineclass-code-execution(78767)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
},
{
"name": "RHSA-2012:1467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51634"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "51326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51326"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to \"insecure use of the java.lang.ClassLoder defineClass() method.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2012:1466",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "RHSA-2013:1455",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "IV29687",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
},
{
"name": "55495",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55495"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51327"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "ibm-java-defineclass-code-execution(78767)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
},
{
"name": "RHSA-2012:1467",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51634"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "RHSA-2013:1456",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "51326",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51326"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2012-4823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes \u0026 Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to \"insecure use of the java.lang.ClassLoder defineClass() method.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2012:1466",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1466.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616616"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616594"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616617"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21621154"
},
{
"name": "20120911 [SE-2012-01] Security vulnerabilities in IBM Java",
"refsource": "BUGTRAQ",
"url": "http://seclists.org/bugtraq/2012/Sep/38"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616652"
},
{
"name": "RHSA-2013:1455",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1455.html"
},
{
"name": "IV29687",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687"
},
{
"name": "55495",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55495"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615800"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616490"
},
{
"name": "51327",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51327"
},
{
"name": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546",
"refsource": "CONFIRM",
"url": "https://www-304.ibm.com/support/docview.wss?uid=swg21616546"
},
{
"name": "ibm-java-defineclass-code-execution(78767)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78767"
},
{
"name": "RHSA-2012:1467",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1467.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21616708"
},
{
"name": "51634",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51634"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21615705"
},
{
"name": "RHSA-2013:1456",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1456.html"
},
{
"name": "51326",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51326"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2012-4823",
"datePublished": "2013-01-11T00:00:00",
"dateReserved": "2012-09-06T00:00:00",
"dateUpdated": "2024-08-06T20:50:17.295Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-0192 (GCVE-0-2015-0192)
Vulnerability from cvelistv5
Published
2015-07-02 21:16
Modified
2024-08-06 04:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:03:10.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2015:1007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "RHSA-2015:1006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "IV70683",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683"
},
{
"name": "RHSA-2015:1091",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "SUSE-SU-2015:1138",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "RHSA-2015:1020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "SUSE-SU-2015:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "IV70682",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682"
},
{
"name": "SUSE-SU-2015:1085",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:1021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "SUSE-SU-2015:1073",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"name": "SUSE-SU-2015:1161",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2015:1007",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "RHSA-2015:1006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "IV70683",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683"
},
{
"name": "RHSA-2015:1091",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "SUSE-SU-2015:1138",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "RHSA-2015:1020",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "SUSE-SU-2015:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "IV70682",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682"
},
{
"name": "SUSE-SU-2015:1085",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:1021",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "SUSE-SU-2015:1073",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"name": "SUSE-SU-2015:1161",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-0192",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2015:1007",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
},
{
"name": "RHSA-2015:1006",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
},
{
"name": "IV70683",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683"
},
{
"name": "RHSA-2015:1091",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "SUSE-SU-2015:1138",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
},
{
"name": "RHSA-2015:1020",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
},
{
"name": "SUSE-SU-2015:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
},
{
"name": "IV70682",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682"
},
{
"name": "SUSE-SU-2015:1085",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
},
{
"name": "RHSA-2015:1021",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
},
{
"name": "SUSE-SU-2015:1073",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
},
{
"name": "SUSE-SU-2015:1161",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-0192",
"datePublished": "2015-07-02T21:16:00",
"dateReserved": "2014-11-18T00:00:00",
"dateUpdated": "2024-08-06T04:03:10.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0311 (GCVE-0-2011-0311)
Vulnerability from cvelistv5
Published
2011-09-02 23:00
Modified
2024-08-06 21:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:07.806Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "SUSE-SU-2011:0823",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
},
{
"name": "IZ89602",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89602"
},
{
"name": "RHSA-2011:1159",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1159.html"
},
{
"name": "ibm-rjt-classfile-dos(65189)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65189"
},
{
"name": "IZ89620",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89620"
},
{
"name": "PM42551",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
},
{
"name": "SUSE-SA:2011:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
},
{
"name": "RHSA-2011:1265",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "SUSE-SU-2011:0823",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
},
{
"name": "IZ89602",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89602"
},
{
"name": "RHSA-2011:1159",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1159.html"
},
{
"name": "ibm-rjt-classfile-dos(65189)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65189"
},
{
"name": "IZ89620",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89620"
},
{
"name": "PM42551",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
},
{
"name": "SUSE-SA:2011:024",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
},
{
"name": "RHSA-2011:1265",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-0311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The class file parser in IBM Java before 1.4.2 SR13 FP9, as used in IBM Runtimes for Java Technology 5.0.0 before SR13 and 6.0.0 before SR10, allows remote authenticated users to cause a denial of service (JVM segmentation fault, and possibly memory consumption or an infinite loop) via a crafted attribute length field in a class file, which triggers a buffer over-read."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "SUSE-SU-2011:0823",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00010.html"
},
{
"name": "IZ89602",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89602"
},
{
"name": "RHSA-2011:1159",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1159.html"
},
{
"name": "ibm-rjt-classfile-dos(65189)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65189"
},
{
"name": "IZ89620",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ89620"
},
{
"name": "PM42551",
"refsource": "AIXAPAR",
"url": "https://www-304.ibm.com/support/docview.wss?uid=isg1PM42551"
},
{
"name": "SUSE-SA:2011:024",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html"
},
{
"name": "RHSA-2011:1265",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2011-1265.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-0311",
"datePublished": "2011-09-02T23:00:00",
"dateReserved": "2011-01-06T00:00:00",
"dateUpdated": "2024-08-06T21:51:07.806Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3012 (GCVE-0-2013-3012)
Vulnerability from cvelistv5
Published
2013-07-23 10:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011.
References
| ► | URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.782Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "ibm-java-cve20133012(84153)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84153"
},
{
"name": "IV44798",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44798"
},
{
"name": "SUSE-SU-2013:1264",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "IV44796",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44796"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54154"
},
{
"name": "SUSE-SU-2013:1263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "SUSE-SU-2013:1293",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "PM91730",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91730"
},
{
"name": "SUSE-SU-2013:1255",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "IV44797",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44797"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "SUSE-SU-2013:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-28T14:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "ibm-java-cve20133012(84153)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84153"
},
{
"name": "IV44798",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44798"
},
{
"name": "SUSE-SU-2013:1264",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "IV44796",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44796"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54154"
},
{
"name": "SUSE-SU-2013:1263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "SUSE-SU-2013:1293",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "PM91730",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91730"
},
{
"name": "SUSE-SU-2013:1255",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "IV44797",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44797"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "SUSE-SU-2013:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3012",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3011."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1060",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "ibm-java-cve20133012(84153)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84153"
},
{
"name": "IV44798",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44798"
},
{
"name": "SUSE-SU-2013:1264",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"name": "SUSE-SU-2013:1257",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "IV44796",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44796"
},
{
"name": "SUSE-SU-2013:1256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54154"
},
{
"name": "SUSE-SU-2013:1263",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "SUSE-SU-2013:1293",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "PM91730",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91730"
},
{
"name": "SUSE-SU-2013:1255",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "IV44797",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44797"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "SUSE-SU-2013:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3012",
"datePublished": "2013-07-23T10:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.782Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-4732 (GCVE-0-2019-4732)
Vulnerability from cvelistv5
Published
2020-02-03 16:45
Modified
2024-09-16 22:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Privileges
Summary
IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:40:48.965Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/1288060"
},
{
"name": "ibm-sdk-cve20194732-code-exec (172618)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172618"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7.0.0.0"
},
{
"status": "affected",
"version": "7.1.0.0"
},
{
"status": "affected",
"version": "8.0.0.0"
},
{
"status": "affected",
"version": "7.0.10.55"
},
{
"status": "affected",
"version": "7.1.4.55"
},
{
"status": "affected",
"version": "8.0.6.0"
}
]
}
],
"datePublic": "2020-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "CHANGED",
"temporalScore": 6.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AC:H/AV:L/PR:H/I:H/C:H/A:H/S:C/UI:R/E:U/RC:C/RL:O",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-03T16:45:18",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/support/pages/node/1288060"
},
{
"name": "ibm-sdk-cve20194732-code-exec (172618)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172618"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-01-31T00:00:00",
"ID": "CVE-2019-4732",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_value": "7.0.0.0"
},
{
"version_value": "7.1.0.0"
},
{
"version_value": "8.0.0.0"
},
{
"version_value": "7.0.10.55"
},
{
"version_value": "7.1.4.55"
},
{
"version_value": "8.0.6.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "H",
"AC": "H",
"AV": "L",
"C": "H",
"I": "H",
"PR": "H",
"S": "C",
"UI": "R"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/1288060",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 1288060 (Java)",
"url": "https://www.ibm.com/support/pages/node/1288060"
},
{
"name": "ibm-sdk-cve20194732-code-exec (172618)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/172618"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2019-4732",
"datePublished": "2020-02-03T16:45:18.286953Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T22:09:29.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-4473 (GCVE-0-2019-4473)
Vulnerability from cvelistv5
Published
2019-08-05 13:40
Modified
2024-09-16 17:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Gain Privileges
Summary
Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:33:37.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10960422"
},
{
"name": "ibm-java-cve20194473-priv-escalation (163984)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163984"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "IBM",
"versions": [
{
"status": "affected",
"version": "7"
},
{
"status": "affected",
"version": "7R1"
},
{
"status": "affected",
"version": "8"
}
]
}
],
"datePublic": "2019-08-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitCodeMaturity": "UNPROVEN",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"remediationLevel": "OFFICIAL_FIX",
"reportConfidence": "CONFIRMED",
"scope": "UNCHANGED",
"temporalScore": 7.3,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/I:H/AC:L/A:H/C:H/UI:N/PR:N/AV:L/S:U/RL:O/RC:C/E:U",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Gain Privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-08-05T13:40:15",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10960422"
},
{
"name": "ibm-java-cve20194473-priv-escalation (163984)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163984"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2019-08-01T00:00:00",
"ID": "CVE-2019-4473",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_value": "7"
},
{
"version_value": "7R1"
},
{
"version_value": "8"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984."
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "H",
"AC": "L",
"AV": "L",
"C": "H",
"I": "H",
"PR": "N",
"S": "U",
"UI": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.ibm.com/support/docview.wss?uid=ibm10960422",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 960422 (Java)",
"url": "http://www.ibm.com/support/docview.wss?uid=ibm10960422"
},
{
"name": "ibm-java-cve20194473-priv-escalation (163984)",
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/163984"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2019-4473",
"datePublished": "2019-08-05T13:40:15.625844Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T17:28:54.997Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3008 (GCVE-0-2013-3008)
Vulnerability from cvelistv5
Published
2013-07-23 10:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006.
References
| ► | URL | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "IV44791",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44791"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54154"
},
{
"name": "ibm-java-cve20133008(84149)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84149"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "IV44791",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44791"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54154"
},
{
"name": "ibm-java-cve20133008(84149)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84149"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2013:1060",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "SUSE-SU-2013:1257",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "IV44791",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44791"
},
{
"name": "SUSE-SU-2013:1256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54154"
},
{
"name": "ibm-java-cve20133008(84149)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84149"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3008",
"datePublished": "2013-07-23T10:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-1916 (GCVE-0-2015-1916)
Vulnerability from cvelistv5
Published
2015-07-02 21:16
Modified
2024-08-06 04:54
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:54:16.436Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IV72245",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "1032779",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032779"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-05T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-12-23T18:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IV72245",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "1032779",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032779"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2015-1916",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Java 8 before SR1 allows remote attackers to cause a denial of service via unknown vectors related to SSL/TLS and the Secure Socket Extension provider."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV72245",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
},
{
"name": "1032779",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032779"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2015-1916",
"datePublished": "2015-07-02T21:16:00",
"dateReserved": "2015-02-19T00:00:00",
"dateUpdated": "2024-08-06T04:54:16.436Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4041 (GCVE-0-2013-4041)
Vulnerability from cvelistv5
Published
2013-11-24 18:00
Modified
2024-08-06 16:30
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to access restricted classes via unspecified vectors.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.863Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ibm-java-cve20134041-priv-escalation(86416)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86416"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "IV51088",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51088"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "IV51087",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51087"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/56338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-11-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to access restricted classes via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "ibm-java-cve20134041-priv-escalation(86416)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86416"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "IV51088",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51088"
},
{
"name": "RHSA-2013:1508",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "IV51087",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51087"
},
{
"name": "RHSA-2013:1793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "RHSA-2013:1507",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/56338"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-4041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Java SDK 5.0.0 before SR16 FP4, 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to access restricted classes via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ibm-java-cve20134041-priv-escalation(86416)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86416"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "IV51088",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51088"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "IV51087",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51087"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-4041",
"datePublished": "2013-11-24T18:00:00",
"dateReserved": "2013-06-07T00:00:00",
"dateUpdated": "2024-08-06T16:30:49.863Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3011 (GCVE-0-2013-3011)
Vulnerability from cvelistv5
Published
2013-07-23 10:00
Modified
2024-08-06 15:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3012.
References
| ► | URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:52:21.574Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "IV44793",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44793"
},
{
"name": "PM91729",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91729"
},
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "ibm-java-cve30133011(84152)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84152"
},
{
"name": "SUSE-SU-2013:1264",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54154"
},
{
"name": "IV44795",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44795"
},
{
"name": "SUSE-SU-2013:1263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "SUSE-SU-2013:1293",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "SUSE-SU-2013:1255",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "SUSE-SU-2013:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3012."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-11-28T14:57:01",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"name": "IV44793",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44793"
},
{
"name": "PM91729",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91729"
},
{
"name": "RHSA-2013:1060",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "ibm-java-cve30133011(84152)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84152"
},
{
"name": "SUSE-SU-2013:1264",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"name": "SUSE-SU-2013:1257",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54154"
},
{
"name": "IV44795",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44795"
},
{
"name": "SUSE-SU-2013:1263",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "SUSE-SU-2013:1293",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "SUSE-SU-2013:1255",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "SUSE-SU-2013:1305",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-3011",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3012."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV44793",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44793"
},
{
"name": "PM91729",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1PM91729"
},
{
"name": "RHSA-2013:1060",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1060.html"
},
{
"name": "ibm-java-cve30133011(84152)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84152"
},
{
"name": "SUSE-SU-2013:1264",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html"
},
{
"name": "SUSE-SU-2013:1257",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html"
},
{
"name": "SUSE-SU-2013:1256",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html"
},
{
"name": "54154",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54154"
},
{
"name": "IV44795",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV44795"
},
{
"name": "SUSE-SU-2013:1263",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html"
},
{
"name": "RHSA-2013:1059",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1059.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21644197"
},
{
"name": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013",
"refsource": "CONFIRM",
"url": "http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July_2013"
},
{
"name": "SUSE-SU-2013:1293",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html"
},
{
"name": "RHSA-2013:1081",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1081.html"
},
{
"name": "SUSE-SU-2013:1255",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21642336"
},
{
"name": "SUSE-SU-2013:1305",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2013-3011",
"datePublished": "2013-07-23T10:00:00",
"dateReserved": "2013-04-12T00:00:00",
"dateUpdated": "2024-08-06T15:52:21.574Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}