[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250108

 
 

909

 
 

196064

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2013-5375Date: (C)2013-11-28   (M)2024-04-04


Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.8
Exploit Score: 8.6
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECUNIA-56338
IV51089
IV51090
RHSA-2013:1507
RHSA-2013:1508
RHSA-2013:1509
RHSA-2013:1793
SUSE-SU-2013:1677
http://www-01.ibm.com/support/docview.wss?uid=swg21655201
http://www-01.ibm.com/support/docview.wss?uid=swg21655202
https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013
ibm-xslt-cve20135375-security-bypass(86901)

CPE    4
cpe:/a:ibm:java:7.0.0.0
cpe:/a:ibm:java:5.0.0.0
cpe:/a:ibm:java:6.0.1.0
cpe:/a:ibm:java:6.0.0.0
...
OVAL    5
oval:org.secpod.oval:def:505315
oval:org.secpod.oval:def:505610
oval:org.secpod.oval:def:505376
oval:org.secpod.oval:def:90224
...

© SecPod Technologies