Sandbox Restrictions Bypass

🗓️ 02 May 2019 04:52:33Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 25 Views

openjdk sandbox restrictions bypass vulnerability affecting confidentiality, integrity, and availability via 2D vector

Reporter	Title	Published	Views	Family All 185
IBM Security Bulletins	Security Bulletin: Tivoli Storage Productivity Center - Oracle CPU February 2013, April 2013	19 Aug 202218:23	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security Vulnerabilities in IBM Sterling Control Center	25 Sep 202223:09	–	ibm
IBM Security Bulletins	Security Bulletin: WebSphere Application Server updates to IBM SDK for Java Feb 2013 CPU	25 Sep 202220:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Rational Build Forge (CVE-2012-3213, CVE-2013-0419, CVE-2013-0423, CVE-2013-0424, CVE-2013-0425, CVE-2013-0426, CVE-2013-0427, CVE-2013-0428, CVE-2013-0433, CVE-2013-0434, CVE-2013-0435, CVE-2013-0437, C	17 Jun 201804:45	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Rational Application Developer for WebSphere Software due to issues in IBM Java SDK (CVE-2013-0440, CVE-2013-0443, CVE-2013-0169)	5 Feb 202000:09	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Cognos Express (CVE-2013-5443, CVE-2013-5445, CVE-2013-5444, CVE-2013-2407, CVE-2013-2450, CVE-2013-0169, CVE-2013-1478, CVE-2013-1480)	10 Nov 202212:06	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Operational Decision Manager and WebSphere ILOG JRules: Multiple security vulnerabilities in IBM JRE 6.0	25 Sep 202223:13	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Smart Analytics System 5600 is affected by vulnerabilities in the IBM Java SDK	25 Sep 202221:06	–	ibm
IBM Security Bulletins	Security Bulletin: TADDM 7.2.1.4: Vulnerabilities in embedded JRE.	25 Sep 202221:06	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Tivoli System Automation for Integrated Operations Management 2.1.1 Vulnerability: Multiple security vulnerabilities in IBM JREs 6.0 and 7.0	25 Sep 202221:06	–	ibm

Vulners

Node

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.50.1.11.5.el6_3

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.36.b17.el6_0

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.49.1.11.4.el6_3

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.45.1.11.1.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.31.b17.el6_0

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.39.1.9.7.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.39.1.9.8.el6_1

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.39.b17.el6_0

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.21.b17.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.40.1.9.10.el6_1

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.43.1.10.6.el6_2

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.42.1.10.4.el6_2

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.48.1.11.3.el6_2

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.41.1.10.4.el6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.30.1.11.5.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.18.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.2.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.25.1.10.6.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.28.1.10.9.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_0.30.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.22.1.9.8.el5_6

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.7.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.23.1.9.10.el5_7

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.20.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.11.b16.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.27.1.10.8.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_0.25.b09.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.17.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.24.1.10.4.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.28.1.10.10.el5_8

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.16.b17.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.13.b16.el5

java-1.6.0-openjdk java-1.6.0-openjdkMatch1.6.0.0_1.21.b17.el5

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.3_2.1.el6.7

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.5_2.2.1.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.4.el5_9.1

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.3.2.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.3.el5.1

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.4.1.el6_3

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.9_2.3.3.el6_3.1

java-1.7.0-openjdk java-1.7.0-openjdkMatch1.7.0.5_2.2.1.el6_3.3

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.9.1_1jpp.1.el6

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.10.1_1jpp.5.el6_2

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.10.1_1jpp.1.el5

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.4_1jpp.1.el5

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.8.1_1jpp.2.el5

java-1.6.0-ibm java-1.6.0-ibmMatch1.6.0.9.1_1jpp.1.el5

Source	Link
securityfocus	www.securityfocus.com/bid/57686
access	www.access.redhat.com/security/updates/classification/
icedtea	www.icedtea.classpath.org/hg/release/icedtea6-1.11/file/icedtea6-1.11.6/NEWS
rhn	www.rhn.redhat.com/errata/RHSA-2013-0245.html
security	www.security.gentoo.org/glsa/glsa-201406-32.xml
marc	www.marc.info/
marc	www.marc.info/
icedtea	www.icedtea.classpath.org/hg/release/icedtea7-forest-2.3/jdk/rev/d89bd26ac435
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
wiki	www.wiki.mageia.org/en/Support/Advisories/MGASA-2013-0056

13 May 2022 16:39Current

8.7High risk

Vulners AI Score8.7

CVSS 210

EPSS0.00745