SUSE CVE-2019-4473

🗓️ 15 Feb 2023 04:17:28Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 2 Views

SUSE reports CVE-2019-4473 in IBM Java for AIX with insecure RPATHs enabling local code injection.

Reporter	Title	Published	Views	Family All 119
IBM Security Bulletins	Security Bulletin: IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics	4 Nov 202220:17	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect the IBM Spectrum Protect Server on AIX (CVE-2019-4473, CVE-2019-11771)	31 Mar 202022:00	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM OS Images for Red Hat Linux Systems (July2019 updates)	30 Oct 201917:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Host On-Demand	10 Jan 202008:51	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli Business Service Manager	20 Dec 201908:47	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Performance Tester	2 Mar 202018:30	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple IBM Runtime Environments Java Technology Edition vulnerabilities affect IBM Transformation Extender	24 Jul 202018:36	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affecting Rational Synergy	22 Dec 202018:18	–	ibm
IBM Security Bulletins	Security Bulletin: Security Vulnerabilities have been identified in IBM Java Runtime as shipped with Tivoli Federated Identity Manager	17 Dec 202418:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect WebSphere Message Broker V8.	16 Mar 202005:42	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Server	11.3	any	java-1_7_0-ibm	1.7.0_sr10.50-65.42.1	java-1_7_0-ibm-1.7.0_sr10.50-65.42.1.noarch.rpm
SUSE Linux Enterprise Server	11.3	any	java-1_7_0-ibm-alsa	1.7.0_sr10.50-65.42.1	java-1_7_0-ibm-alsa-1.7.0_sr10.50-65.42.1.noarch.rpm
SUSE Linux Enterprise Server	11.3	any	java-1_7_0-ibm-jdbc	1.7.0_sr10.50-65.42.1	java-1_7_0-ibm-jdbc-1.7.0_sr10.50-65.42.1.noarch.rpm
SUSE Linux Enterprise Server	11.3	any	java-1_7_0-ibm-plugin	1.7.0_sr10.50-65.42.1	java-1_7_0-ibm-plugin-1.7.0_sr10.50-65.42.1.noarch.rpm
SUSE Linux Enterprise Server	11.4	any	java-1_7_1-ibm	1.7.1_sr4.50-26.44.1	java-1_7_1-ibm-1.7.1_sr4.50-26.44.1.noarch.rpm
SUSE Linux Enterprise Server	12.1	any	java-1_7_1-ibm	1.7.1_sr4.50-38.41.1	java-1_7_1-ibm-1.7.1_sr4.50-38.41.1.noarch.rpm
SUSE Linux Enterprise Server	12.2	any	java-1_7_1-ibm	1.7.1_sr4.50-38.41.1	java-1_7_1-ibm-1.7.1_sr4.50-38.41.1.noarch.rpm
SUSE Linux Enterprise Server	12.3	any	java-1_7_1-ibm	1.7.1_sr4.50-38.41.1	java-1_7_1-ibm-1.7.1_sr4.50-38.41.1.noarch.rpm
SUSE Linux Enterprise Server	12.4	any	java-1_7_1-ibm	1.7.1_sr4.50-38.41.1	java-1_7_1-ibm-1.7.1_sr4.50-38.41.1.noarch.rpm
SUSE Linux Enterprise Server	12.5	any	java-1_7_1-ibm	1.7.1_sr4.50-38.41.1	java-1_7_1-ibm-1.7.1_sr4.50-38.41.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2019-4473
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/1147021
lists	www.lists.suse.com/pipermail/sle-security-updates/2019-September/005877.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2019-October/005987.html
suse	www.suse.com/support/update/announcement/2019/suse-su-20192291-1.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2019-September/005896.html
suse	www.suse.com/support/update/announcement/2019/suse-su-20192371-1.html

11 Sep 2025 23:39Current

9.5High risk

Vulners AI Score9.5

CVSS 37.8

EPSS0.0045

SUSE vulnerability Java platform absolute path issue code injection privilege escalation local user impact