IBM Java Multiple Vulnerabilities
Last Update Date:
8 Nov 2013 10:24
Release Date:
8 Nov 2013
4030
Views
RISK: Medium Risk
TYPE: Operating Systems - Application Platforms
Multiple vulnerabilities have been identified in IBM Java, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a vulnerable system.
- Unspecified errors can be exploited to execute arbitrary code, and bypass certain security restrictions.
- An error when expanding entity references can be exploited to consume large amounts of memory and cause a crash or hang via a specially crafted XML containing malicious attributes.
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Data Manipulation
System / Technologies affected
- Versions 5, 6, and 7
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply fixes.
Vulnerability Identifier
- CVE-2013-3829
- CVE-2013-4002
- CVE-2013-4041
- CVE-2013-5372
- CVE-2013-5375
- CVE-2013-5456
- CVE-2013-5457
- CVE-2013-5458
- CVE-2013-5772
- CVE-2013-5774
- CVE-2013-5776
- CVE-2013-5778
- CVE-2013-5780
- CVE-2013-5782
- CVE-2013-5783
- CVE-2013-5784
- CVE-2013-5787
- CVE-2013-5788
- CVE-2013-5789
- CVE-2013-5790
- CVE-2013-5797
- CVE-2013-5800
- CVE-2013-5801
- CVE-2013-5802
- CVE-2013-5803
- CVE-2013-5804
- CVE-2013-5805
- CVE-2013-5806
- CVE-2013-5809
- CVE-2013-5812
- CVE-2013-5814
- CVE-2013-5817
- CVE-2013-5818
- CVE-2013-5819
- CVE-2013-5820
- CVE-2013-5823
- CVE-2013-5824
- CVE-2013-5825
- CVE-2013-5829
- CVE-2013-5830
- CVE-2013-5831
- CVE-2013-5832
- CVE-2013-5838
- CVE-2013-5840
- CVE-2013-5842
- CVE-2013-5843
- CVE-2013-5848
- CVE-2013-5849
- CVE-2013-5850
- CVE-2013-5851
Source
Related Link
Share with