Page 3 of 25 results (0.007 seconds)

CVSS: 6.8EPSS: 1%CPEs: 4EXPL: 0

CVE-2013-5375 – JDK: unspecified sandbox bypass (XML)

https://notcve.org/view.php?id=CVE-2013-5375

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL. Vulnerabilidad no especificada en IBM Java SDK 7.0.0 anteriores a SR6, 6.0.1 anteriores a SR7, 6.0.0 anteriores a SR15, y 5.0.0 anteriores a SR16 FP4 permite a atacantes remotos acceder a clases restringidas a través de vectores no especificados relacionados con XML y XSL. • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://rhn.redhat.com/errata/RHSA-2013-1507.html http://rhn.redhat.com/errata/RHSA-2013-1508.html http://rhn.redhat.com/errata/RHSA-2013-1509.html http://rhn.redhat.com/errata/RHSA-2013-1793.html http://secunia.com/advisories/56338 http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089 http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090 http://www-01.ibm.com/support/docview.wss?uid •

CVSS: 9.3EPSS: 4%CPEs: 1EXPL: 0

CVE-2013-5458 – JDK: unspecified sandbox bypass (XML)

https://notcve.org/view.php?id=CVE-2013-5458

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6 allows remote attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad no especificada en IBM Java SDK 7.0.0 anteriores a SR7 permite a atacantes remotos ejecutar código de forma arbitraria a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://rhn.redhat.com/errata/RHSA-2013-1507.html http://secunia.com/advisories/56338 http://www-01.ibm.com/support/docview.wss?uid=swg1IV51328 http://www-01.ibm.com/support/docview.wss?uid=swg21655201 http://www-01.ibm.com/support/docview.wss?uid=swg21655202 https://exchange.xforce.ibmcloud.com/vulnerabilities/88257 https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013 https:/& •

CVSS: 9.3EPSS: 5%CPEs: 1EXPL: 0

CVE-2013-5456 – JDK: unspecified sandbox bypass (ORB)

https://notcve.org/view.php?id=CVE-2013-5456

The com.ibm.rmi.io.SunSerializableFactory class in IBM Java SDK 7.0.0 before SR6 allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code via vectors related to deserialization inside the AccessController doPrivileged block. La clase com.ibm.rmi.io.SunSerializableFactory en IBM Java SDK 7.0.0 en versiones anteriores a SR6 permite a atacantes remotos eludir un mecanismo de protección de sandbox y ejecutar código arbitrario a través de vectores relacionados con deserialización dentro del bloque AccessController doPrivileged. • http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html http://rhn.redhat.com/errata/RHSA-2013-1507.html http://secunia.com/advisories/56338 http://www-01.ibm.com/support/docview.wss?uid=swg1IV51329 http://www-01.ibm.com/support/docview.wss?uid=swg21655201 http://www-01.ibm.com/support/docview.wss?uid=swg21655202 http://www.security-explorations.com/materials/SE-2012-01-IBM-3.pdf http://www.security-explorations.com/materials/SE-2012-01-IBM-5.pdf https:/& •

CVSS: 9.3EPSS: 1%CPEs: 7EXPL: 0

CVE-2013-3008 – JDK: Unspecified security fixes (July 2013)

https://notcve.org/view.php?id=CVE-2013-3008

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3006. Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a través de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3006. • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://rhn.redhat.com/errata/RHSA-2013-1060.html http://secunia.com/advisories/54154 http://www-01.ibm.com/support/docview.wss?uid=swg1IV44791 http://www-01.ibm.com/support/docview.wss?uid=swg21642336 http://www-01.ibm.com/support/docview.wss?uid=swg21644197 http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_July •

CVSS: 9.3EPSS: 2%CPEs: 62EXPL: 0

CVE-2013-3011 – JDK: Unspecified security fixes (July 2013)

https://notcve.org/view.php?id=CVE-2013-3011

Unspecified vulnerability in the Java Runtime Environment (JRE) in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 allows remote attackers to affect confidentiality, availability, and integrity via unknown vectors, a different vulnerability than CVE-2013-3009 and CVE-2013-3012. Vulnerabilidad sin especificar en Java Runtime Environment (JRE) en IBM Java 1.4.2 anterior a 1.4.2 SR13-FP18, 5.0 anterior a 5.0 SR16-FP3, 6 anterior a 6 SR14, 6.0.1 anterior a 6.0.1 SR6, y 7 anterior a 7 SR5, permite a atacantes remotos comprometer la disponibilidad, confidencialidad e integridad a través de vectores no especificados. Vulnerabilidad distinta de CVE-2013-3009 y CVE-2013-3012. • http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00027.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2013-08 •