CVE-2013-5457

high

Description

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors.

References

http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html

http://rhn.redhat.com/errata/RHSA-2013-1507.html

http://rhn.redhat.com/errata/RHSA-2013-1508.html

http://rhn.redhat.com/errata/RHSA-2013-1793.html

http://secunia.com/advisories/56338

http://www-01.ibm.com/support/docview.wss?uid=swg1IV51334

http://www-01.ibm.com/support/docview.wss?uid=swg21655201

http://www-01.ibm.com/support/docview.wss?uid=swg21655202

https://exchange.xforce.ibmcloud.com/vulnerabilities/88256

https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013

Details

Source: MITRE

Published: 2013-11-24

Updated: 2017-08-29

Type: NVD-CWE-noinfo

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH