gsd-2013-5375
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2013-5375",
"description": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.",
"id": "GSD-2013-5375",
"references": [
"https://www.suse.com/security/cve/CVE-2013-5375.html",
"https://access.redhat.com/errata/RHSA-2013:1793",
"https://access.redhat.com/errata/RHSA-2013:1509",
"https://access.redhat.com/errata/RHSA-2013:1508",
"https://access.redhat.com/errata/RHSA-2013:1507"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2013-5375"
],
"details": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.",
"id": "GSD-2013-5375",
"modified": "2023-12-13T01:22:21.522054Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-5375",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV51090",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090"
},
{
"name": "ibm-xslt-cve20135375-security-bypass(86901)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86901"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "56338",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/56338"
},
{
"name": "IV51089",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2013-5375"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "IV51089",
"refsource": "AIXAPAR",
"tags": [],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089"
},
{
"name": "IV51090",
"refsource": "AIXAPAR",
"tags": [],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655201"
},
{
"name": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21655202"
},
{
"name": "RHSA-2013:1507",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1507.html"
},
{
"name": "SUSE-SU-2013:1677",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html"
},
{
"name": "RHSA-2013:1508",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1508.html"
},
{
"name": "RHSA-2013:1509",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1509.html"
},
{
"name": "RHSA-2013:1793",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1793.html"
},
{
"name": "56338",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/56338"
},
{
"name": "ibm-xslt-cve20135375-security-bypass(86901)",
"refsource": "XF",
"tags": [],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86901"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-08-29T01:33Z",
"publishedDate": "2013-11-24T18:55Z"
}
}
}
Loading...