SECURITY (Doc Number=3373): UPDATE AIX Java Multiple Vulnerabilities (Oracle October 2013 CPU)

SECURITY (Doc Number=3373): UPDATE AIX Java Multiple Vulnerabilities (Oracle October 2013 CPU)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

IBM SECURITY ADVISORY

First Issued: Wed Dec 11 10:53:34 CST 2013
| Updated: Mon Feb 3 10:36:58 CST 2014
| Updated: Sections II and III modifications
| Updated: Includes VIOS

The most recent version of this document is available here:

https://aix.software.ibm.com/aix/efixes/security/java_advisory.asc
ftp://aix.software.ibm.com/aix/efixes/security/java_advisory.asc

===============================================================================
                           VULNERABILITY SUMMARY

VULNERABILITY:   Multiple vulnerabilities in current releases of the IBM® SDK,
				 Java Technology Edition.

PLATFORMS:       PowerSC and AIX 5.3, 6.1 and 7.1.
|                VIOS 2.2.x

SOLUTION:        Apply the fix as described below.

THREAT:          Varies threats described below.

CERT VU Number:  n/a
CVE Numbers:     CVE-2013-5456 CVE-2013-5457 CVE-2013-5458 CVE-2013-4041 
                 CVE-2013-5375 CVE-2013-5372 CVE-2013-5843 CVE-2013-5789 
                 CVE-2013-5830 CVE-2013-5829 CVE-2013-5787 CVE-2013-5788 
                 CVE-2013-5824 CVE-2013-5842 CVE-2013-5782 CVE-2013-5817 
                 CVE-2013-5809 CVE-2013-5814 CVE-2013-5832 CVE-2013-5850 
                 CVE-2013-5838 CVE-2013-5802 CVE-2013-5812 CVE-2013-5804 
                 CVE-2013-5783 CVE-2013-3829 CVE-2013-5823 CVE-2013-5831 
                 CVE-2013-5820 CVE-2013-5819 CVE-2013-5818 CVE-2013-5848 
                 CVE-2013-5776 CVE-2013-5774 CVE-2013-5825 CVE-2013-5840 
                 CVE-2013-5801 CVE-2013-5778 CVE-2013-5851 CVE-2013-5800 
                 CVE-2013-5784 CVE-2013-5849 CVE-2013-5790 CVE-2013-5780 
                 CVE-2013-5797 CVE-2013-5803 CVE-2013-5772 

|Reboot required?  NO
|Workarounds?      NO
                 
===============================================================================
                           DETAILED INFORMATION

I. DESCRIPTION

    There are a number of vulnerabilities in the IBM SDK, Java Technology
    Edition that affect various components. CVE-2013-5456, CVE-2013-5457 and
    CVE-2013-5458 allow code running under a security manager to escalate its
    privileges by modifying or removing the security manager. CVE-2013-4041 
    and CVE-2013-5375 allow code running under a security manager to access 
    restricted classes. These vulnerabilities could occur when untrusted code 
    is executed under a security manager, or when the IBM SDK, Java Technology
    Edition has been associated with a web browser for running applets and Web
    Start applications.

    CVE-2013-5372 is a denial of service vulnerability which could result in a 
    complete availability impact on the affected system.

    This bulletin also covers all applicable CVEs published by Oracle as part 
    of their October 2013 Java SE Critical Patch Update. For more information 
    please refer to Oracle's October 2013 Java SE CPU Advisory. 

II. CVSS

    CVEID: CVE-2013-5456
    CVSS Base Score: 9.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88255 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

    CVEID: CVE-2013-5457
    CVSS Base Score: 9.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88256 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

    CVEID: CVE-2013-5458
    CVSS Base Score: 9.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88257 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

    CVEID: CVE-2013-4041
    CVSS Base Score: 6.8
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/86416 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:P/A:P)

    CVEID: CVE-2013-5375
    CVSS Base Score: 4.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/86901 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

    CVEID: CVE-2013-5372
    CVSS Base Score: 4.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/86662 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)

    CVEID: CVE-2013-5843
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87971 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5789
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87968 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5830
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87961 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5829
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87963 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5787
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87967 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5788
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87966 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5824
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87965 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5842
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87970 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5782
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87960 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5817
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87969 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5809
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87962 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5814
    CVSS Base Score: 10
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87964 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5832
    CVSS Base Score: 9.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87972 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/M:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5850
    CVSS Base Score: 9.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87973 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/M:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5838
    CVSS Base Score: 9.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87974 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/M:Au/N:C/C:I/C:A/C)

    CVEID: CVE-2013-5802
    CVSS Base Score: 7.5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87982 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/P:I/P:A/P)

    CVEID: CVE-2013-5812
    CVSS Base Score: 6.4
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87985 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/P:I/N:A/P)

    CVEID: CVE-2013-5804
    CVSS Base Score: 6.4
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87984 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/P:I/P:A/N)

    CVEID: CVE-2013-5783
    CVSS Base Score: 6.4
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87987 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/P:I/P:A/N)

    CVEID: CVE-2013-3829
    CVSS Base Score: 6.4
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87986 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/P:I/P:A/N)

    CVEID: CVE-2013-5823
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87989 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/N:I/N:A/P)

    CVEID: CVE-2013-5831
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87995 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/N:I/P:A/N)

    CVEID: CVE-2013-5820
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87996 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/N:I/P:A/N)

    CVEID: CVE-2013-5819
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87994 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/N:I/P:A/N)

    CVEID: CVE-2013-5818
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87993 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/N:I/P:A/N)

    CVEID: CVE-2013-5848
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88000 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/N:I/P:A/N)

    CVEID: CVE-2013-5776
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87992 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/N:I/P:A/N)

    CVEID: CVE-2013-5774
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87999 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/N:I/P:A/N)

    CVEID: CVE-2013-5825
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87988 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/N:I/N:A/P)

    CVEID: CVE-2013-5840
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87998 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/P:I/N:A/N)

    CVEID: CVE-2013-5801
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87991 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/P:I/N:A/N)

    CVEID: CVE-2013-5778
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87990 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/P:I/N:A/N)

    CVEID: CVE-2013-5851
    CVSS Base Score: 5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/87997 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/L:Au/N:C/P:I/N:A/N)

    CVEID: CVE-2013-5800
    CVSS Base Score: 4.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88002 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/M:Au/N:C/P:I/N:A/N)

    CVEID: CVE-2013-5784
    CVSS Base Score: 4.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88005 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/M:Au/N:C/N:I/P:A/N)
    
    CVEID: CVE-2013-5849
    CVSS Base Score: 4.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88003 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/M:Au/N:C/P:I/N:A/N)

    CVEID: CVE-2013-5790
    CVSS Base Score: 4.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88004 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/M:Au/N:C/P:I/N:A/N)

    CVEID: CVE-2013-5780
    CVSS Base Score: 4.3
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88001 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/M:Au/N:C/P:I/N:A/N)

    CVEID: CVE-2013-5797
    CVSS Base Score: 3.5
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88006 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/M:Au/S:C/N:I/P:A/N)

    CVEID: CVE-2013-5803
    CVSS Base Score: 2.6
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88008 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/H:Au/N:C/N:I/N:A/P)

    CVEID: CVE-2013-5772
    CVSS Base Score: 2.6
    CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/88007 for the
current score
    CVSS Environmental Score*: Undefined
    CVSS Vector: (AV/N:AC/H:Au/N:C/N:I/P:A/N) 

| III. PLATFORM VULNERABILITY ASSESSMENT

|    To determine if your system is vulnerable, run the following commands for
the Java version
|    on your system:

|    # lslpp -l | grep Java | grep sdk
|    # lslpp -l | grep Java | grep jre

|   The following fileset levels (VRMF) are vulnerable, if the respective Java
version is installed:
|   For Java5: Less than 5.0.0.560
|   For Java6: Less than 6.0.0.435
|   For Java7: Less than 7.0.0.110

|   Java7 Release 1: 7.1.0.000 is NOT vulnerable

IV. FIXES

    AFFECTED PRODUCTS AND VERSIONS:
    AIX 5.3
    AIX 6.1
    AIX 7.1
    PowerSC 
|   VIOS 2.2.x

    REMEDIATION:
    IBM SDK, Java 2 Technology Edition, Version 5.0 Service Refresh 16 Fix Pack
4 and later
    32-bit: https://www14.software.ibm.com/webapp/iwm/web/
preLogin.do?source=dka&S_PKG=aix32j5b&S_TACT=105AGX05&S_CMP=JDK
    64-bit: https://www14.software.ibm.com/webapp/iwm/web/
preLogin.do?source=dka&S_PKG=aix64j5b&S_TACT=105AGX05&S_CMP=JDK

    IBM SDK, Java Technology Edition, Version 6 Service Refresh 15 and later
    32-bit: https://www14.software.ibm.com/webapp/iwm/web/
preLogin.do?source=dka&S_PKG=aix32j6b&S_TACT=105AGX05&S_CMP=JDK
    64-bit: https://www14.software.ibm.com/webapp/iwm/web/
preLogin.do?source=dka&S_PKG=aix64j6b&S_TACT=105AGX05&S_CMP=JDK

    IBM SDK, Java Technology Edition, Version 7 Service Refresh 6 and later
    32-bit: https://www14.software.ibm.com/webapp/iwm/web/
preLogin.do?source=dka&S_PKG=aix32j7b&S_TACT=105AGX05&S_CMP=JDK
    64-bit: https://www14.software.ibm.com/webapp/iwm/web/
preLogin.do?source=dka&S_PKG=aix64j7b&S_TACT=105AGX05&S_CMP=JDK

    To learn more about AIX support levels and Java service releases, see the
following:
    http://www.ibm.com/developerworks/java/jdk/aix/service.html#levels

V. WORKAROUNDS

    None

VI. CONTACT INFORMATION

    If you would like to receive AIX Security Advisories via email,
    please visit:

         http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq 

    Comments regarding the content of this announcement can be
    directed to:

        security-alert@austin.ibm.com

    To request the PGP public key that can be used to communicate
    securely with the AIX Security Team you can either:

        A. Send an email with "get key" in the subject line to:

            security-alert@austin.ibm.com

        B. Download the key from a PGP Public Key Server. The key ID is:

            0x28BFAA12

    Please contact your local IBM AIX support center for any
    assistance.

    eServer is a trademark of International Business Machines
    Corporation.  IBM, AIX and pSeries are registered trademarks of
    International Business Machines Corporation.  All other trademarks
    are property of their respective holders.

VII. REFERENCES:

    Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html
    On-line Calculator V2:
http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2
    CVE-2013-5456: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5456
    CVE-2013-5457: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5457
    CVE-2013-5458: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5458 
    CVE-2013-4041: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4041 
    CVE-2013-5375: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5375
    CVE-2013-5372: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5372
    CVE-2013-5843: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5843
    CVE-2013-5789: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5789
    CVE-2013-5830: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5830
    CVE-2013-5829: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5829 
    CVE-2013-5787: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5787
    CVE-2013-5788: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5788
    CVE-2013-5824: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5824
    CVE-2013-5842: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5842
    CVE-2013-5782: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5782
    CVE-2013-5817: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5817
    CVE-2013-5809: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5809
    CVE-2013-5814: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5814
    CVE-2013-5832: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5832
    CVE-2013-5850: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5850
    CVE-2013-5838: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5838
    CVE-2013-5802: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5802
    CVE-2013-5812: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5812
    CVE-2013-5804: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5804
    CVE-2013-5783: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5783
    CVE-2013-3829: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3829
    CVE-2013-5823: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5823
    CVE-2013-5831: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5831
    CVE-2013-5820: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5820
    CVE-2013-5819: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5819
    CVE-2013-5818: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5818
    CVE-2013-5848: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5848
    CVE-2013-5776: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5776
    CVE-2013-5774: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5774
    CVE-2013-5825: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5825
    CVE-2013-5840: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5840
    CVE-2013-5801: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5801
    CVE-2013-5778: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5778
    CVE-2013-5851: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5851
    CVE-2013-5800: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5800
    CVE-2013-5784: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5784
    CVE-2013-5849: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5849
    CVE-2013-5790: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5790
    CVE-2013-5780: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5780
    CVE-2013-5797: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5797
    CVE-2013-5803: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5803
    CVE-2013-5772: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5772

    *The CVSS Environment Score is customer environment specific and will
    ultimately impact the Overall CVSS Score. Customers can evaluate the
    impact of this vulnerability in their environments by accessing the links
    in the Reference section of this Flash.

    Note: According to the Forum of Incident Response and Security Teams
    (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry
    open standard designed to convey vulnerability severity and help to
    determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES
    "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF
    MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE
    RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY
    VULNERABILITY.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (AIX)

iEYEARECAAYFAlLvxe4ACgkQ4fmd+Ci/qhIyJwCghirbKIbzL2db7Xa9FO8OqgQE
6OsAni19Xm6ZmA0RHMjPG46p/4wk8p8D
=rWHF
-----END PGP SIGNATURE-----
Doc number: 3373 Published date: 20140203

Rate this page:

(0 users)Average rating

Document information


More support for:

AIX family

Operating system(s):

aix tools

Reference #:

SSRVPOAIX61SECURITY1
40203-1133

Modified date:

2014-02-03

Translate my page

Machine Translation

Content navigation