Podatność CVE-2012-4823


Publikacja: 2013-01-10   Modyfikacja: 2013-01-11

Opis:
Unspecified vulnerability in the JRE component in IBM Java 7 SR2 and earlier, Java 6.0.1 SR3 and earlier, Java 6 SR11 and earlier, Java 5 SR14 and earlier, and Java 142 SR13 FP13 and earlier; as used in IBM Rational Host On-Demand, Rational Change, Tivoli Monitoring, Smart Analytics System 5600, Tivoli Remote Control 5.1.2, WebSphere Real Time, Lotus Notes & Domino, Tivoli Storage Productivity Center, and Service Deliver Manager; and other products from other vendors such as Red Hat, allows remote attackers to execute arbitrary code via vectors related to "insecure use of the java.lang.ClassLoder defineClass() method."

Typ:

CWE-noinfo

CVSS2 => (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
9.3/10
10/10
8.6/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Zdalny
Średnia
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Pełny
Pełny
Pełny
Affected software
Tivoli storage productivity center -> 5.0 
Tivoli storage productivity center -> 5.1 
Tivoli storage productivity center -> 5.1.1 
IBM -> Smart analytics system 5600 
IBM -> JAVA 
IBM -> Lotus domino 
IBM -> Lotus notes 
IBM -> Lotus notes sametime 
IBM -> Lotus notes traveler 
IBM -> Rational change 
IBM -> Rational host on-demand 
IBM -> Service delivery manager 
IBM -> Smart analytics system 5600 software 
IBM -> Tivoli monitoring 
IBM -> Tivoli remote control 
IBM -> Websphere real time 

 Referencje:
http://rhn.redhat.com/errata/RHSA-2012-1466.html
http://rhn.redhat.com/errata/RHSA-2012-1467.html
http://rhn.redhat.com/errata/RHSA-2013-1455.html
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://seclists.org/bugtraq/2012/Sep/38
http://www.securityfocus.com/bid/55495
http://www-01.ibm.com/support/docview.wss?uid=swg1IV29687
http://www-01.ibm.com/support/docview.wss?uid=swg21615705
http://www-01.ibm.com/support/docview.wss?uid=swg21615800
http://www-01.ibm.com/support/docview.wss?uid=swg21616490
http://www-01.ibm.com/support/docview.wss?uid=swg21616594
http://www-01.ibm.com/support/docview.wss?uid=swg21616616
http://www-01.ibm.com/support/docview.wss?uid=swg21616617
http://www-01.ibm.com/support/docview.wss?uid=swg21616652
http://www-01.ibm.com/support/docview.wss?uid=swg21616708
http://www-01.ibm.com/support/docview.wss?uid=swg21621154
https://exchange.xforce.ibmcloud.com/vulnerabilities/78767
https://www-304.ibm.com/support/docview.wss?uid=swg21616546

Copyright 2024, cxsecurity.com

 

Back to Top