CVE-2013-5457 : Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attack

Unspecified vulnerability in IBM Java SDK 7.0.0 before SR6, 6.0.1 before SR7, and 6.0.0 before SR15 allows remote attackers to execute arbitrary code via unspecified vectors.

Published 2013-11-24 18:55:04

Updated 2017-08-29 01:33:48

Source IBM Corporation

View at NVD, CVE.org

Vulnerability category: Execute code

Exploit prediction scoring system (EPSS) score for CVE-2013-5457

Probability of exploitation activity in the next 30 days: 3.55%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 90 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2013-5457

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2013-5457

http://rhn.redhat.com/errata/RHSA-2013-1793.html

RHSA-2013:1793 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www-01.ibm.com/support/docview.wss?uid=swg1IV51334

IBM IV51334: FIX SECURITY VULNERABILITY CVE-2013-5457
https://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_November_2013

Security Vulnerabilities - Java SDK
Vendor Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2013-1508.html

RHSA-2013:1508 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2013-1507.html

RHSA-2013:1507 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00013.html

[security-announce] SUSE-SU-2013:1677-1: important: Security update for

CVEs referencing this url
http://www-01.ibm.com/support/docview.wss?uid=swg21655202

IBM Security Bulletin: Multiple vulnerabilities in IBM WebSphere Real Time
Vendor Advisory

CVEs referencing this url
http://www-01.ibm.com/support/docview.wss?uid=swg21655201

IBM Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition
Vendor Advisory

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/88256

IBM Java SDK code execution CVE-2013-5457 Vulnerability Report

Products affected by CVE-2013-5457

IBM » Java » Version: 6.0.0.0
cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Java » Version: 7.0.0.0
cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*
Matching versions
IBM » Java » Version: 6.0.1.0
cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2013-5457

Exploit prediction scoring system (EPSS) score for CVE-2013-5457

CVSS scores for CVE-2013-5457

References for CVE-2013-5457

Products affected by CVE-2013-5457