Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM9B651965662FB4BB7669237110855869D79C7DB4430BED93C0FA89B297B71879
HistorySep 29, 2018 - 8:06 p.m.

Security Bulletin: Vulnerability in Rational Functional Tester versions 8.5.1 and earlier due to security vulnerability in IBM JRE 7.0 Service Release 5 or earlier (CVE-2013-5772)

2018-09-2920:06:32
www.ibm.com
6

EPSS

0.007

Percentile

80.8%

JSON

Summary

A security vulnerability exists in the Java Runtime Environments (JREs) IBM JRE 7.0 Service Release 5 or earlier that can affect the security of Rational Functional Tester (RFT).

Vulnerability Details

| Subscribe to My Notifications to be notified of important product support alerts like this.

  • Follow this link for more information (requires login with your IBM ID)
    —|—

CVEID:CVE-2013-5772

Description: Remote attackers can affect integrity via unknown vectors related to jhat.

CVSS Base Score: 2.6 **CVSS Temporal Score:**See <https://exchange.xforce.ibmcloud.com/vulnerabilities/88007&gt; for the current score *CVSS Environmental Score:**Undefined CVSS Vector: (AV/N:AC/H:Au/N:C/N:I/P:A/N)

Affected Products and Versions

Rational Functional Tester version 8.5.1 and earlier that shipped with IBM 7.0 Service Release 5 or earlier are affected.

Remediation/Fixes

Upgrade to Rational Functional Tester 8.5.1.1 which ships with IBM Java 7.0 Service Release 6 and addresses this security issue.

If you do not want to upgrade to 8.5.1.1, download the IBM 7.0 Service Release 6 from the IBM Java website and configure RFT to use it.

Workarounds and Mitigations

None

Related

veracode 17
nvd 1
cvelist 1
prion 1
ubuntucve 1
cve 1
ibm 10
openvas 28
nessus 37
redhat 8
centos 3
amazon 2
oraclelinux 3
mageia 2
ubuntu 2
f5 1
suse 4
aix 1
kaspersky 1
securityvulns 1
oracle 1
gentoo 2
veracode
veracode
Authorization Bypass
2019-05-02 04:54:18
Sandbox Restrictions Bypass
2019-05-02 04:58:36
Sandbox Restrictions Bypass
2019-05-02 04:58:36
nvd
nvd
CVE-2013-5772
2013-10-16 15:55:34
cvelist
cvelist
CVE-2013-5772
2013-10-16 15:00:00
prion
prion
Design/Logic Flaw
2013-10-16 15:55:00
ubuntucve
ubuntucve
CVE-2013-5772
2013-10-16 00:00:00
cve
cve
CVE-2013-5772
2013-10-16 15:55:34
ibm
ibm
Security Bulletin: Vulnerability in Rational Functional Tester versions 8.5.1.1 and earlier due to security vulnerability in IBM SDK, Java Technology Edition Version 7 Service Refresh 6 (CVE-2013-5907, CVE-2014-0417)
2019-05-07 13:26:07
Security Bulletin: SmartCloud Orchestrator - Multiple security vulnerabilities exist in the IBM SDK, Java™ Technology Edition (CVE-2013-5802, CVE-2013-5772, CVE-2014-0411)
2018-06-17 22:30:49
Security Bulletin: IBM Flex System Manager (FSM) is affected by security vulnerabilities. (CVE-2013-5772, CVE-2013-5803, CVE-2013-5372, CVE-2013-5780, CVE-2013-5211)
2019-01-31 01:25:01
openvas
openvas
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 (Oct 2013) - Windows
2013-10-25 00:00:00
Amazon Linux: Security Advisory (ALAS-2013-246)
2015-09-08 00:00:00
RedHat Update for java-1.6.0-openjdk RHSA-2013:1505-01
2013-11-08 00:00:00
nessus
nessus
Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2013-246)
2013-11-14 00:00:00
Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2013-1505)
2013-11-06 00:00:00
Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20131105)
2013-11-06 00:00:00
redhat
redhat
(RHSA-2013:1505) Important: java-1.6.0-openjdk security update
2013-11-05 00:00:00
(RHSA-2013:1447) Important: java-1.7.0-openjdk security update
2013-10-21 00:00:00
(RHSA-2013:1451) Critical: java-1.7.0-openjdk security update
2013-10-22 00:00:00
centos
centos
java security update
2013-11-05 20:45:16
java security update
2013-10-23 11:04:05
java security update
2013-10-22 07:41:01
amazon
amazon
Important: java-1.6.0-openjdk
2013-11-05 13:35:00
Critical: java-1.7.0-openjdk
2013-10-23 15:22:00
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2013-11-05 00:00:00
java-1.7.0-openjdk security update
2013-10-21 00:00:00
java-1.7.0-openjdk security update
2013-10-22 00:00:00
mageia
mageia
Updated java-1.6.0-openjdk package fixes multiple vulnerabilities
2013-11-13 23:05:43
Updated java-1.7.0-openjdk package fixes security vulnerabilities
2013-11-13 23:03:04
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2013-11-21 00:00:00
OpenJDK 7 vulnerabilities
2014-01-23 00:00:00
f5
f5
Multiple Java vulnerabilities
2016-05-25 01:58:00
suse
suse
Security update for OpenJDK 7 (important)
2013-11-13 15:04:17
Security update for IBM Java 7 (important)
2013-11-22 08:04:19
Security update for IBM Java 5 (important)
2013-11-15 00:04:35
aix
aix
Multiple Java vulnerabilities
2013-12-11 10:53:34
kaspersky
kaspersky
KLA10492 Multiple vulnerabilities in Oracle products
2013-10-16 00:00:00
securityvulns
securityvulns
Oracle / Sun / MySQL / PeopleSoft applications multiple security vulnerabilities
2013-12-09 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2013
2013-10-15 00:00:00
gentoo
gentoo
IcedTea JDK: Multiple vulnerabilities
2014-06-29 00:00:00
Oracle JRE/JDK: Multiple vulnerabilities
2014-01-27 00:00:00

EPSS

0.007

Percentile

80.8%

JSON
Related for 9B651965662FB4BB7669237110855869D79C7DB4430BED93C0FA89B297B71879
veracode17nvd1cvelist1prion1ubuntucve1cve1ibm10openvas28nessus37redhat8centos3amazon2oraclelinux3mageia2ubuntu2f51suse4aix1kaspersky1securityvulns1oracle1gentoo2