CVE-2013-5375medium
Description
Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.
References
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html
http://rhn.redhat.com/errata/RHSA-2013-1507.html
http://rhn.redhat.com/errata/RHSA-2013-1508.html
http://rhn.redhat.com/errata/RHSA-2013-1509.html
http://rhn.redhat.com/errata/RHSA-2013-1793.html
http://secunia.com/advisories/56338
http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089
http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090
http://www-01.ibm.com/support/docview.wss?uid=swg21655201
http://www-01.ibm.com/support/docview.wss?uid=swg21655202
https://exchange.xforce.ibmcloud.com/vulnerabilities/86901
https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013
Details
Source: MITRE
Published: 2013-11-24
Updated: 2017-08-29
Type: NVD-CWE-noinfo
Risk Information
CVSS v2
Base Score: 6.8
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 8.6
Severity: MEDIUM