CVE-2013-5457 - Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15

CVE-2013-5457

Summary

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors.

References

Vulnerable Configurations

cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 29-08-2017 - 01:33)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

redhat via4

advisories

rhsa
id RHSA-2013:1507
rhsa
id RHSA-2013:1508
rhsa
id RHSA-2013:1793

rpms

java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el5_10
java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4
java-1.7.0-ibm-demo-1:1.7.0.6.0-1jpp.1.el5_10
java-1.7.0-ibm-demo-1:1.7.0.6.0-1jpp.1.el6_4
java-1.7.0-ibm-devel-1:1.7.0.6.0-1jpp.1.el5_10
java-1.7.0-ibm-devel-1:1.7.0.6.0-1jpp.1.el6_4
java-1.7.0-ibm-jdbc-1:1.7.0.6.0-1jpp.1.el5_10
java-1.7.0-ibm-jdbc-1:1.7.0.6.0-1jpp.1.el6_4
java-1.7.0-ibm-plugin-1:1.7.0.6.0-1jpp.1.el5_10
java-1.7.0-ibm-plugin-1:1.7.0.6.0-1jpp.1.el6_4
java-1.7.0-ibm-src-1:1.7.0.6.0-1jpp.1.el5_10
java-1.7.0-ibm-src-1:1.7.0.6.0-1jpp.1.el6_4
java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5_10
java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4
java-1.6.0-ibm-accessibility-1:1.6.0.15.0-1jpp.1.el5_10
java-1.6.0-ibm-demo-1:1.6.0.15.0-1jpp.1.el5_10
java-1.6.0-ibm-demo-1:1.6.0.15.0-1jpp.1.el6_4
java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5_10
java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6_4
java-1.6.0-ibm-javacomm-1:1.6.0.15.0-1jpp.1.el5_10
java-1.6.0-ibm-javacomm-1:1.6.0.15.0-1jpp.1.el6_4
java-1.6.0-ibm-jdbc-1:1.6.0.15.0-1jpp.1.el5_10
java-1.6.0-ibm-jdbc-1:1.6.0.15.0-1jpp.1.el6_4
java-1.6.0-ibm-plugin-1:1.6.0.15.0-1jpp.1.el5_10
java-1.6.0-ibm-plugin-1:1.6.0.15.0-1jpp.1.el6_4
java-1.6.0-ibm-src-1:1.6.0.15.0-1jpp.1.el5_10
java-1.6.0-ibm-src-1:1.6.0.15.0-1jpp.1.el6_4
java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5
java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6
java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5
java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6

refmap via4

aixapar	IV51334
confirm	http://www-01.ibm.com/support/docview.wss?uid=swg21655201 http://www-01.ibm.com/support/docview.wss?uid=swg21655202 https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013
secunia	56338
suse	SUSE-SU-2013:1677
xf	ibm-java-cve20135457-code-exec(88256)

Last major update

29-08-2017 - 01:33

Published

24-11-2013 - 18:55

Last modified

29-08-2017 - 01:33