11 results (0.021 seconds)

CVSS: 8.1EPSS: 1%CPEs: 5EXPL: 0

Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823. Bajo determinadas circunstancias, un fallo en J9 JVM (IBM SDK, Java Technology Edition 7.1 y 8.0) permite que se ejecute código no fiable bajo un gestor de seguridad para elevar sus privilegios. IBM X-Force ID: 138823. • http://www.ibm.com/support/docview.wss?uid=isg3T1027315 http://www.ibm.com/support/docview.wss?uid=swg22014937 http://www.securityfocus.com/bid/103216 http://www.securitytracker.com/id/1040403 https://access.redhat.com/errata/RHSA-2018:1463 https://exchange.xforce.ibmcloud.com/vulnerabilities/138823 https://www.ibm.com/support/docview.wss?uid=swg22012965 https://access.redhat.com/security/cve/CVE-2018-1417 https://bugzilla.redhat.com/show_bug.cgi?id=1568966 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 6.8EPSS: 1%CPEs: 37EXPL: 0

Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de buffer en Java Virtual Machine (JVM) en IBM SDK, Java Technology Edition 6 en versiones anteriores a SR16 FP25 (6.0.16.25), 6 R1 en versiones anteriores a SR8 FP25 (6.1.8.25), 7 en versiones anteriores a SR9 FP40 (7.0.9.40), 7 R1 en versiones anteriores a SR3 FP40 (7.1.3.40) y 8 en versiones anteriores a SR3 (8.0.3.0) permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html http://lists.opensuse.org/opensuse-security-announce/2016-05 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 8.1EPSS: 2%CPEs: 32EXPL: 0

The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009. La clase com.ibm.CORBA.iiop.ClientDelegate en IBM SDK, Java Technology Edition 6 en versiones anteriores a SR16 FP25 (6.0.16.25), 6 R1 en versiones anteriores a SR8 FP25 (6.1.8.25), 7 en versiones anteriores a SR9 FP40 (7.0.9.40), 7 R1 en versiones anteriores a SR3 FP40 (7.1.3.40) y 8 en versiones anteriores a SR3 (8.0.3.0) utiliza el método de invocación de la clase java.lang.reflect.Method en un bloque AccessController doPrivileged, lo que permite a atacantes remotos llamar a setSecurityManager y eludir un mecanismo de protección sandbox a través de vectores relacionados con una instancia a un objeto Proxy implementando la interfaz java.lang.reflect.InvocationHandler. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2013-3009. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html http://lists.opensuse.org/opensuse-security-announce/2016-05 • CWE-20: Improper Input Validation •

CVSS: 8.1EPSS: 7%CPEs: 34EXPL: 0

The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456. La clase com.ibm.rmi.io.SunSerializableFactory en IBM SDK, Java Technology Edition 6 en versiones anteriores a SR16 FP25 (6.0.16.25), 6 R1 en versiones anteriores a SR8 FP25 (6.1.8.25), 7 en versiones anteriores a SR9 FP40 (7.0.9.40), 7 R1 en versiones anteriores a SR3 FP40 (7.1.3.40) y 8 en versiones anteriores a SR3 (8.0.3.0) no deserializa correctamente las clases en un bloque AccessController doPrivileged, lo que permite a atacantes remotos eludir un mecanismo de protección sandbox y ejecutar código arbitrario como se demuestra mediante el método readValue de la clase com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton, lo que implementa la interfaz javax.rmi.CORBA.ValueHandler. NOTA: esta vulnerabilidad existe debido a una solución incompleta para CVE-2013-5456. • http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html http://lists.opensuse.org/opensuse-security-announce/2016-05 •

CVSS: 9.1EPSS: 0%CPEs: 14EXPL: 0

The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods. El JVM J9 en IBM SDK, Java Technology Edition 6 en versiones anteriores a SR16 FP20, 6 R1 en versiones anteriores a SR8 FP20, 7 en versiones anteriores a SR9 FP30 y 7 R1 en versiones anteriores a SR3 FP30 permite a atacantes remotos obtener información sensible o inyectar datos invocando a métodos de interfaz no públicos. • http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00032.html http://www-01.ibm.com/support/docview.wss?uid=swg1IV72872 http://www-01.ibm.com/support/docview.wss?uid=swg21974194 http://www.securityfocus.com/bid/82451 https://access.redhat.com/errata/RHSA-201 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •