1. CVE-Search
  2. CVE-2013-5375
ID CVE-2013-5375
Summary Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 29-08-2017 - 01:33)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2013:1507
  • rhsa
    id RHSA-2013:1508
  • rhsa
    id RHSA-2013:1509
  • rhsa
    id RHSA-2013:1793
rpms
  • java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el5_10
  • java-1.7.0-ibm-1:1.7.0.6.0-1jpp.1.el6_4
  • java-1.7.0-ibm-demo-1:1.7.0.6.0-1jpp.1.el5_10
  • java-1.7.0-ibm-demo-1:1.7.0.6.0-1jpp.1.el6_4
  • java-1.7.0-ibm-devel-1:1.7.0.6.0-1jpp.1.el5_10
  • java-1.7.0-ibm-devel-1:1.7.0.6.0-1jpp.1.el6_4
  • java-1.7.0-ibm-jdbc-1:1.7.0.6.0-1jpp.1.el5_10
  • java-1.7.0-ibm-jdbc-1:1.7.0.6.0-1jpp.1.el6_4
  • java-1.7.0-ibm-plugin-1:1.7.0.6.0-1jpp.1.el5_10
  • java-1.7.0-ibm-plugin-1:1.7.0.6.0-1jpp.1.el6_4
  • java-1.7.0-ibm-src-1:1.7.0.6.0-1jpp.1.el5_10
  • java-1.7.0-ibm-src-1:1.7.0.6.0-1jpp.1.el6_4
  • java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5_10
  • java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6_4
  • java-1.6.0-ibm-accessibility-1:1.6.0.15.0-1jpp.1.el5_10
  • java-1.6.0-ibm-demo-1:1.6.0.15.0-1jpp.1.el5_10
  • java-1.6.0-ibm-demo-1:1.6.0.15.0-1jpp.1.el6_4
  • java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5_10
  • java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6_4
  • java-1.6.0-ibm-javacomm-1:1.6.0.15.0-1jpp.1.el5_10
  • java-1.6.0-ibm-javacomm-1:1.6.0.15.0-1jpp.1.el6_4
  • java-1.6.0-ibm-jdbc-1:1.6.0.15.0-1jpp.1.el5_10
  • java-1.6.0-ibm-jdbc-1:1.6.0.15.0-1jpp.1.el6_4
  • java-1.6.0-ibm-plugin-1:1.6.0.15.0-1jpp.1.el5_10
  • java-1.6.0-ibm-plugin-1:1.6.0.15.0-1jpp.1.el6_4
  • java-1.6.0-ibm-src-1:1.6.0.15.0-1jpp.1.el5_10
  • java-1.6.0-ibm-src-1:1.6.0.15.0-1jpp.1.el6_4
  • java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el5_10
  • java-1.5.0-ibm-1:1.5.0.16.4-1jpp.1.el6_4
  • java-1.5.0-ibm-accessibility-1:1.5.0.16.4-1jpp.1.el5_10
  • java-1.5.0-ibm-demo-1:1.5.0.16.4-1jpp.1.el5_10
  • java-1.5.0-ibm-demo-1:1.5.0.16.4-1jpp.1.el6_4
  • java-1.5.0-ibm-devel-1:1.5.0.16.4-1jpp.1.el5_10
  • java-1.5.0-ibm-devel-1:1.5.0.16.4-1jpp.1.el6_4
  • java-1.5.0-ibm-javacomm-1:1.5.0.16.4-1jpp.1.el5_10
  • java-1.5.0-ibm-javacomm-1:1.5.0.16.4-1jpp.1.el6_4
  • java-1.5.0-ibm-jdbc-1:1.5.0.16.4-1jpp.1.el5_10
  • java-1.5.0-ibm-jdbc-1:1.5.0.16.4-1jpp.1.el6_4
  • java-1.5.0-ibm-plugin-1:1.5.0.16.4-1jpp.1.el5_10
  • java-1.5.0-ibm-plugin-1:1.5.0.16.4-1jpp.1.el6_4
  • java-1.5.0-ibm-src-1:1.5.0.16.4-1jpp.1.el5_10
  • java-1.5.0-ibm-src-1:1.5.0.16.4-1jpp.1.el6_4
  • java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el5
  • java-1.6.0-ibm-1:1.6.0.15.0-1jpp.1.el6
  • java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el5
  • java-1.6.0-ibm-devel-1:1.6.0.15.0-1jpp.1.el6
refmap via4
aixapar
  • IV51089
  • IV51090
confirm
secunia 56338
suse SUSE-SU-2013:1677
xf ibm-xslt-cve20135375-security-bypass(86901)
Last major update 29-08-2017 - 01:33
Published 24-11-2013 - 18:55
Last modified 29-08-2017 - 01:33
Back to Top