Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2013-2027

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via...

4.6CVSS8.2AI score0.00441EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.24 views

RHEL 6 : jython (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - Jython creates executables class files with wrong permissions CVE-2013-2027 Note that Nessus has not tested for thi...

4.6CVSS7.3AI score0.00441EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2023/09/27 11:7 a.m.62 views

Security Bulletin: Vulnerability of jython-standalone-2.7.0.jar have affected APM WebSphere Application Server Agent and APM Tomcat Agent

Summary APM WebSphere Application Server Agent and APM Tomcat Agent are vulnerable to jython-standalone-2.7.0.jar CVE-2013-2027. The workaround includes jython-standalone-2.7.0.jar upgraded to jython-standalone-2.7.3.jar. Vulnerability Details CVEID:CVE-2013-2027 DESCRIPTION: Jython could allow a...

4.6CVSS9.4AI score0.00441EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2015-0096)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.6CVSS9.6AI score0.00441EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.39 views

Mandriva Linux Security Advisory : jython (MDVSA-2015:158)

Updated jython packages fix security vulnerability : There are serveral problems with the way Jython creates class cache files, potentially leading to arbitrary code execution or information disclosure CVE-2013-2027. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

4.6CVSS9AI score0.00441EPSS
Exploits0References2
OSV
OSV
added 2015/03/06 6:8 p.m.10 views

MGASA-2015-0096 Updated jython packages fix CVE-2013-2027

Updated jython packages fix security vulnerability: There are serveral problems with the way Jython creates class cache files, potentially leading to arbitrary code execution or information disclosure CVE-2013-2027...

4.6CVSS7.1AI score0.00441EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2015/02/13 3:59 p.m.29 views

CVE-2013-2027

Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors...

4.6CVSS7.2AI score0.00441EPSS
Exploits0References1
CVE
CVE
added 2015/02/13 3:0 p.m.94 views

CVE-2013-2027

CVE-2013-2027 affects Jython 2.2.1, where class cache files are created with permissions from the current umask, allowing local attackers to bypass access restrictions. The IBM advisory notes potential arbitrary code execution or information disclosure and recommends upgrading to jython-standalon...

4.6CVSS8.5AI score0.00441EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2015/02/13 3:0 p.m.33 views

CVE-2013-2027

Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors...

4.6CVSS8.9AI score0.00441EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/02/13 12:0 a.m.40 views

openSUSE Security Update : jython (openSUSE-2015-139)

jython was updated to fix one security issue. This security issue was fixed : - CVE-2013-2027: Creates executables class files with wrong permissions %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security...

4.6CVSS8.2AI score0.00441EPSS
Exploits0References2
Rows per page
Query Builder