CVE-2013-5375

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, 6.0.0 before SR15, and 5.0.0 before SR16 FP4 allows remote attackers to access restricted classes via unspecified vectors related to XML and XSL.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
ibmjava
5.0.0.0
ibmjava
6.0.0.0
ibmjava
6.0.1.0
ibmjava
7.0.0.0
𝑥
= Vulnerable software versions
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.5.0-ibm
RHEL 6
1:1.5.0.16.4-1jpp.1.el6_4
fixed
java-1.5.0-ibm-demo
RHEL 6
1:1.5.0.16.4-1jpp.1.el6_4
fixed
java-1.5.0-ibm-devel
RHEL 6
1:1.5.0.16.4-1jpp.1.el6_4
fixed
java-1.5.0-ibm-javacomm
RHEL 6
1:1.5.0.16.4-1jpp.1.el6_4
fixed
java-1.5.0-ibm-jdbc
RHEL 6
1:1.5.0.16.4-1jpp.1.el6_4
fixed
java-1.5.0-ibm-plugin
RHEL 6
1:1.5.0.16.4-1jpp.1.el6_4
fixed
java-1.5.0-ibm-src
RHEL 6
1:1.5.0.16.4-1jpp.1.el6_4
fixed
java-1.6.0-ibm
RHEL 6
1:1.6.0.15.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-demo
RHEL 6
1:1.6.0.15.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-devel
RHEL 6
1:1.6.0.15.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-javacomm
RHEL 6
1:1.6.0.15.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-jdbc
RHEL 6
1:1.6.0.15.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-plugin
RHEL 6
1:1.6.0.15.0-1jpp.1.el6_4
fixed
java-1.6.0-ibm-src
RHEL 6
1:1.6.0.15.0-1jpp.1.el6_4
fixed
java-1.7.0-ibm
RHEL 6
1:1.7.0.6.0-1jpp.1.el6_4
fixed
java-1.7.0-ibm-demo
RHEL 6
1:1.7.0.6.0-1jpp.1.el6_4
fixed
java-1.7.0-ibm-devel
RHEL 6
1:1.7.0.6.0-1jpp.1.el6_4
fixed
java-1.7.0-ibm-jdbc
RHEL 6
1:1.7.0.6.0-1jpp.1.el6_4
fixed
java-1.7.0-ibm-plugin
RHEL 6
1:1.7.0.6.0-1jpp.1.el6_4
fixed
java-1.7.0-ibm-src
RHEL 6
1:1.7.0.6.0-1jpp.1.el6_4
fixed
References
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html
http://rhn.redhat.com/errata/RHSA-2013-1507.html
http://rhn.redhat.com/errata/RHSA-2013-1508.html
http://rhn.redhat.com/errata/RHSA-2013-1509.html
http://rhn.redhat.com/errata/RHSA-2013-1793.html
http://secunia.com/advisories/56338
http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089
http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090
http://www-01.ibm.com/support/docview.wss?uid=swg21655201
http://www-01.ibm.com/support/docview.wss?uid=swg21655202
https://exchange.xforce.ibmcloud.com/vulnerabilities/86901
https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html
http://rhn.redhat.com/errata/RHSA-2013-1507.html
http://rhn.redhat.com/errata/RHSA-2013-1508.html
http://rhn.redhat.com/errata/RHSA-2013-1509.html
http://rhn.redhat.com/errata/RHSA-2013-1793.html
http://secunia.com/advisories/56338
http://www-01.ibm.com/support/docview.wss?uid=swg1IV51089
http://www-01.ibm.com/support/docview.wss?uid=swg1IV51090
http://www-01.ibm.com/support/docview.wss?uid=swg21655201
http://www-01.ibm.com/support/docview.wss?uid=swg21655202
https://exchange.xforce.ibmcloud.com/vulnerabilities/86901
https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013