CVE-2013-2415

🗓️ 17 Apr 2013 00:00:00Reported by ubuntu.comType

Unspecified vulnerability in the Java Runtime Environment component allows local users to affect confidentiality via JAX-WS vectors, related to "processing of MTOM attachments" and weak permissions for temporary files

Reporter	Title	Published	Views	Family All 132
IBM Security Bulletins	Security Bulletin: WebSphere Application Server - IBM SDK for Java April 2013 CPU	26 Sep 202205:45	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere Application Server Community Edition 3.0.0.3 Oracle CPU April 2013	25 Sep 202221:06	–	ibm
IBM Security Bulletins	Security Bulletin: Tivoli Storage Productivity Center - Oracle CPU February 2013, April 2013	19 Aug 202218:23	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Lombardi Edition – Information regarding security vulnerability in IBM SDK for Java that shipped with IBM WebSphere Application Server and addressed by Oracle CPU April 2013 (CVE-2013-0169)	25 Sep 202221:06	–	ibm
IBM Security Bulletins	Security Bulletin: IBM WebSphere Business Services Fabric – Information regarding a security vulnerability in IBM SDK for Java that shipped with IBM WebSphere Application Server and addressed by Oracle CPU April 2013 (CVE-2013-0169)	25 Sep 202221:06	–	ibm
IBM Security Bulletins	Security Bulletin: Information regarding security vulnerability in IBM SDK for Java that is shipped with IBM WebSphere Application Server and addressed by Oracle CPU April 2013 (CVE-2013-0169)	25 Sep 202221:06	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities exist in WebSphere Transformation Extender (CVE-2013-5802 CVE-2013-4002 CVE-2013-5825 CVE-2013-5372 CVE-2013-0599 CVE-2013-0464 CVE-2013-0467 CVE-2013-2962 CVE-2013-2415)	16 Jun 201819:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Intelligent Operations Center 1.5 WebSphere Application Server - Oracle Java CPU April 2013	25 Sep 202221:06	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Rational Functional Tester versions 8.x due to security vulnerabilities in IBM JRE 7.0 Service Release 4 Fix Pack 1 or earlier, and non-IBM Java 7.0	29 Sep 201820:06	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Operational Decision Manager and WebSphere ILOG JRules: Multiple security vulnerabilities in IBM JRE	25 Sep 202221:06	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	10.04	any	openjdk-6	6b27-1.12.5-0ubuntu0.10.04.1	openjdk-6_6b27-1.12.5-0ubuntu0.10.04.1_any.deb
Ubuntu	11.10	any	openjdk-6	6b27-1.12.5-0ubuntu0.11.10.1	openjdk-6_6b27-1.12.5-0ubuntu0.11.10.1_any.deb
Ubuntu	12.04	any	openjdk-6	6b27-1.12.5-0ubuntu0.12.04.1	openjdk-6_6b27-1.12.5-0ubuntu0.12.04.1_any.deb
Ubuntu	12.10	any	openjdk-6	6b27-1.12.5-0ubuntu0.12.10.1	openjdk-6_6b27-1.12.5-0ubuntu0.12.10.1_any.deb
Ubuntu	13.04	any	openjdk-6	6b27-1.12.5-1ubuntu1	openjdk-6_6b27-1.12.5-1ubuntu1_any.deb
Ubuntu	11.10	any	openjdk-7	7u21-2.3.9-0ubuntu0.11.10.1	openjdk-7_7u21-2.3.9-0ubuntu0.11.10.1_any.deb
Ubuntu	12.04	any	openjdk-7	7u21-2.3.9-0ubuntu0.12.04.1	openjdk-7_7u21-2.3.9-0ubuntu0.12.04.1_any.deb
Ubuntu	12.10	any	openjdk-7	7u21-2.3.9-0ubuntu0.12.10.1	openjdk-7_7u21-2.3.9-0ubuntu0.12.10.1_any.deb
Ubuntu	13.04	any	openjdk-7	7u21-2.3.9-1ubuntu1	openjdk-7_7u21-2.3.9-1ubuntu1_any.deb

Source	Link
oracle	www.oracle.com/technetwork/topics/security/javacpuapr2013-1928497.html
ubuntu	www.ubuntu.com/security/notices/USN-1806-1
ubuntu	www.ubuntu.com/security/notices/USN-1819-1
cve	www.cve.org/CVERecord

24 Jul 2024 15:57Current

6.8Medium risk

Vulners AI Score6.8

CVSS 22.1

EPSS0.00083