CVE-2013-0541 : Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6,

Buffer overflow in IBM WebSphere Application Server (WAS) 6.1 before 6.1.0.47, 7.0 before 7.0.0.29, 8.0 before 8.0.0.6, and 8.5 before 8.5.0.2 on Windows, when a localOS registry is used in conjunction with WebSphere Identity Manger (WIM), allows local users to cause a denial of service (daemon crash) via unspecified vectors.

Published 2013-04-24 10:28:37

Updated 2017-08-29 01:33:06

Source IBM Corporation

View at NVD, CVE.org

Vulnerability category: OverflowDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2013-0541

Probability of exploitation activity in the next 30 days: 0.04%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 6 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2013-0541

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
1.9	LOW	AV:L/AC:M/Au:N/C:N/I:N/A:P	3.4	2.9	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2013-0541

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2013-0541

https://exchange.xforce.ibmcloud.com/vulnerabilities/82696

IBM WebSphere Application Server denial of service CVE-2013-0541 Vulnerability Report
http://www-01.ibm.com/support/docview.wss?uid=swg1PM74909

IBM notice: The page you requested cannot be displayed
http://www-01.ibm.com/support/docview.wss?&uid=swg21632423

IBM Security Bulletin: Security Vulnerabilites fixed in IBM WebSphere Application Server 8.5.0.2
Vendor Advisory

CVEs referencing this url

Products affected by CVE-2013-0541

IBM » Websphere Application Server » Version: 6.1.0.0
cpe:2.3:a:ibm:websphere_application_server:6.1.0.0:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.1
cpe:2.3:a:ibm:websphere_application_server:6.1.0.1:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.2
cpe:2.3:a:ibm:websphere_application_server:6.1.0.2:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.3
cpe:2.3:a:ibm:websphere_application_server:6.1.0.3:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.5
cpe:2.3:a:ibm:websphere_application_server:6.1.0.5:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.7
cpe:2.3:a:ibm:websphere_application_server:6.1.0.7:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.9
cpe:2.3:a:ibm:websphere_application_server:6.1.0.9:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.11
cpe:2.3:a:ibm:websphere_application_server:6.1.0.11:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.12
cpe:2.3:a:ibm:websphere_application_server:6.1.0.12:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.13
cpe:2.3:a:ibm:websphere_application_server:6.1.0.13:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.14
cpe:2.3:a:ibm:websphere_application_server:6.1.0.14:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.15
cpe:2.3:a:ibm:websphere_application_server:6.1.0.15:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.17
cpe:2.3:a:ibm:websphere_application_server:6.1.0.17:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.21
cpe:2.3:a:ibm:websphere_application_server:6.1.0.21:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.19
cpe:2.3:a:ibm:websphere_application_server:6.1.0.19:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.1
cpe:2.3:a:ibm:websphere_application_server:7.0.0.1:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.23
cpe:2.3:a:ibm:websphere_application_server:6.1.0.23:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.4
cpe:2.3:a:ibm:websphere_application_server:7.0.0.4:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.3
cpe:2.3:a:ibm:websphere_application_server:7.0.0.3:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.25
cpe:2.3:a:ibm:websphere_application_server:6.1.0.25:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.6
cpe:2.3:a:ibm:websphere_application_server:7.0.0.6:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.5
cpe:2.3:a:ibm:websphere_application_server:7.0.0.5:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.2
cpe:2.3:a:ibm:websphere_application_server:7.0.0.2:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.27
cpe:2.3:a:ibm:websphere_application_server:6.1.0.27:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.7
cpe:2.3:a:ibm:websphere_application_server:7.0.0.7:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.8
cpe:2.3:a:ibm:websphere_application_server:7.0.0.8:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.29
cpe:2.3:a:ibm:websphere_application_server:6.1.0.29:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.31
cpe:2.3:a:ibm:websphere_application_server:6.1.0.31:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.9
cpe:2.3:a:ibm:websphere_application_server:7.0.0.9:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.33
cpe:2.3:a:ibm:websphere_application_server:6.1.0.33:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.11
cpe:2.3:a:ibm:websphere_application_server:7.0.0.11:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.13
cpe:2.3:a:ibm:websphere_application_server:7.0.0.13:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.37
cpe:2.3:a:ibm:websphere_application_server:6.1.0.37:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.35
cpe:2.3:a:ibm:websphere_application_server:6.1.0.35:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.15
cpe:2.3:a:ibm:websphere_application_server:7.0.0.15:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.17
cpe:2.3:a:ibm:websphere_application_server:7.0.0.17:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.39
cpe:2.3:a:ibm:websphere_application_server:6.1.0.39:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 8.0.0.0
cpe:2.3:a:ibm:websphere_application_server:8.0.0.0:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.41
cpe:2.3:a:ibm:websphere_application_server:6.1.0.41:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.19
cpe:2.3:a:ibm:websphere_application_server:7.0.0.19:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 8.0.0.1
cpe:2.3:a:ibm:websphere_application_server:8.0.0.1:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.21
cpe:2.3:a:ibm:websphere_application_server:7.0.0.21:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 8.0.0.2
cpe:2.3:a:ibm:websphere_application_server:8.0.0.2:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.43
cpe:2.3:a:ibm:websphere_application_server:6.1.0.43:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.23
cpe:2.3:a:ibm:websphere_application_server:7.0.0.23:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 8.0.0.3
cpe:2.3:a:ibm:websphere_application_server:8.0.0.3:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 8.5.0.0
cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 8.0.0.4
cpe:2.3:a:ibm:websphere_application_server:8.0.0.4:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 6.1.0.45
cpe:2.3:a:ibm:websphere_application_server:6.1.0.45:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.25
cpe:2.3:a:ibm:websphere_application_server:7.0.0.25:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 8.0.0.5
cpe:2.3:a:ibm:websphere_application_server:8.0.0.5:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 8.5.0.1
cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows
IBM » Websphere Application Server » Version: 7.0.0.27
cpe:2.3:a:ibm:websphere_application_server:7.0.0.27:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows

Vulnerability Details : CVE-2013-0541

Exploit prediction scoring system (EPSS) score for CVE-2013-0541

CVSS scores for CVE-2013-0541

CWE ids for CVE-2013-0541

References for CVE-2013-0541

Products affected by CVE-2013-0541