CVE-2013-5375

medium

Description

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.

References

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html

http://rhn.redhat.com/errata/RHSA-2013-1507.html

http://rhn.redhat.com/errata/RHSA-2013-1508.html

http://rhn.redhat.com/errata/RHSA-2013-1509.html

http://rhn.redhat.com/errata/RHSA-2013-1793.html

http://secunia.com/advisories/56338

http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089

http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090

http://www-01.ibm.com/support/docview.wss?uid=swg21655201

http://www-01.ibm.com/support/docview.wss?uid=swg21655202

https://exchange.xforce.ibmcloud.com/vulnerabilities/86901

https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013

Details

Source: MITRE

Published: 2013-11-24

Updated: 2017-08-29

Type: NVD-CWE-noinfo

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM