Lucene search
HistoryFeb 13, 2015 - 3:59 p.m.
CVE-2013-2027
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.
Affected configurations
Node
opensuseopensuseMatch13.1
ORopensuseopensuseMatch13.2
Node
jython_projectjythonMatch2.2.1
Related
debiancve
debiancve
CVE-2013-2027
2015-02-13 15:59:00
cve
cve
CVE-2013-2027
2015-02-13 15:59:00
nessus
nessus
openSUSE Security Update : jython (openSUSE-2015-139)
2015-02-13 00:00:00
Mandriva Linux Security Advisory : jython (MDVSA-2015:158)
2015-03-30 00:00:00
RHEL 6 : jython (Unpatched Vulnerability)
2024-06-03 00:00:00
osv
osv
Jython Improper Access Restrictions vulnerability
2022-05-14 02:05:10
ibm
ibm
mageia
mageia
Updated jython packages fix CVE-2013-2027
2015-03-06 21:08:57
github
github
Jython Improper Access Restrictions vulnerability
2022-05-14 02:05:10
ubuntucve
ubuntucve
CVE-2013-2027
2015-02-13 00:00:00
securityvulns
securityvulns
Jython weak permissions
2015-04-19 00:00:00
[ MDVSA-2015:158 ] jython
2015-04-19 00:00:00
prion
prion
Design/Logic Flaw
2015-02-13 15:59:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0096)
2022-01-28 00:00:00
Oracle WebLogic Server Multiple Vulnerabilities (cpujul2017-3236622)
2017-07-19 00:00:00
cvelist
cvelist
CVE-2013-2027
2015-02-13 15:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2017
2018-03-20 00:00:00
4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
6 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Related for NVD:CVE-2013-2027