CVE-2013-5375

critical

Description

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.

References

https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013

https://exchange.xforce.ibmcloud.com/vulnerabilities/86901

http://www-01.ibm.com/support/docview.wss?uid=swg21655202

http://www-01.ibm.com/support/docview.wss?uid=swg21655201

http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090

http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089

http://secunia.com/advisories/56338

http://rhn.redhat.com/errata/RHSA-2013-1793.html

http://rhn.redhat.com/errata/RHSA-2013-1509.html

http://rhn.redhat.com/errata/RHSA-2013-1508.html

http://rhn.redhat.com/errata/RHSA-2013-1507.html

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html

Details

Source: Mitre, NVD

Published: 2013-11-24

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics