Security Bulletin: Vulnerabilities in Rational Functional Tester versions 8.x due to security vulnerabilities in IBM JRE 7.0 Service Release 4 Fix Pack 1 or earlier, and non-IBM Java 7.0

Security Bulletin


Summary

Multiple security vulnerabilities exist in the Java Runtime Environments (JREs) IBM JRE 7.0 Service Release 4 Fix Pack 1 or earlier, and non-IBM Java 7.0 or earlier, that can affect the security of Rational Functional Tester.

Vulnerability Details

Subscribe to My Notifications to be notified of important product support alerts like this.
  • Follow this link for more information (requires login with your IBM ID)

CVEID: CVE-2013-2422

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83570
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-1491

Description: Remote attackers can execute arbitrary code via vectors related to 2D.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/82820
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2420

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83560
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2432

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D. This vulnerability is different from CVE-2013-2394 and CVE-2013-1491.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83559
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2425

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Install.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83565
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2434

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83558
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-1569

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83557
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2384

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D, This vulnerability is different from CVE-2013-1569, CVE-2013-2383, and CVE-2013-2420.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb//83556
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2383

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D. This vulnerability is different from CVE-2013-1569, CVE-2013-2384, and CVE-2013-2420.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83555
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-1557

Description: Remote attackers can affect confidentiality, integrity, and availability via vectors related to RMI.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83572
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-1558

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Beans.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83561
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2440

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Deployment. This vulnerability is different from CVE-2013-2435.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83562
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-1518

Description: Remote attackers can affect confidentiality, integrity, and availability via vectors related to JAXP.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83566
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-1488

Description: Remote attackers can execute arbitrary code via unspecified vectors involving reflection, Libraries, "improper toString calls," and the JDBC driver manager.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/82821
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2421

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to HotSpot.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83573
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2426

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83574
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2436

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Libraries. This vulnerability is different from CVE-2013-1488 and CVE-2013-2426.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83575
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2429

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to ImageIO.

CVSS Base Score: 7.6
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83578
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2430

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to ImageIO.

CVSS Base Score: 7.6
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83577
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-1563

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Install.

CVSS Base Score: 7.6
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83579
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2394

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D. This vulnerability is different from CVE-2013-2432 and CVE-2013-1491.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83576
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-0401

Description: Remote attackers can execute arbitrary code via vectors related to AWT.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/82823
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2438

Description: Remote attackers can affect integrity via unknown vectors related to JavaFX.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83585
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

CVEID: CVE-2013-2424

Description: Remote attackers can affect confidentiality via vectors related to JMX.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83582
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

CVEID: CVE-2013-2419

Description: Remote attackers can affect availability via unknown vectors related to 2D.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83581
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2417

Description: Remote attackers can affect availability via unknown vectors related to Networking.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83586
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

CVEID: CVE-2013-2418

Description: Local users can affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVSS Base Score: 4.6
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83587
CVSS Environmental Score*: Undefined
CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

CVEID: CVE-2013-1540

Description: Remote attackers can affect integrity via unknown vectors related to Deployment. This vulnerability is different from CVE-2013-2433.

CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83590
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

CVEID: CVE-2013-2423

Description: Remote attackers can affect integrity via unknown vectors related to HotSpot.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83591
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2433

Description: Remote attackers can affect integrity via unknown vectors related to Deployment. This vulnerability is different from CVE-2013-1540.

CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83589
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

CVEID: CVE-2013-2416

Description: Remote attackers can affect integrity via unknown vectors related to Deployment.

CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83588
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

CVEID: CVE-2013-2415

Description: Local users can affect confidentiality via vectors related to JAX-WS.

CVSS Base Score: 2.1
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83592
CVSS Environmental Score*: Undefined
CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

CVEID: CVE-2013-3012

Description: Remote attackers can affect confidentiality, availability, and integrity via unknown vectors. This vulnerability is different from CVE-2013-3009 and CVE-2013-3011.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84153
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-3011

Description: Remote attackers can affect confidentiality, availability, and integrity via unknown vectors. This vulnerability is different from CVE-2013-3009 and CVE-2013-3012.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84152
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-3010

Description: Remote attackers can affect confidentiality, availability, and integrity via unknown vectors. This vulnerability is different from CVE-2013-3007.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84151
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-3009

Description: Remote attackers can affect confidentiality, availability, and integrity via unknown vectors. This vulnerability is different from CVE-2013-3011 and CVE-2013-3012.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84150
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-3008

Description: Remote attackers can affect confidentiality, availability, and integrity via unknown vectors. This vulnerability is different from CVE-2013-3006.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84149
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-3007

Description: Remote attackers to affect confidentiality, availability, and integrity via unknown vectors. This vulnerability is different from CVE-2013-3006.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84148
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-3006

Description: Remote attackers to affect confidentiality, availability, and integrity via unknown vectors. This vulnerability is different from CVE-2013-3008.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84147
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

CVEID: CVE-2013-2455

Description: Remote attackers can affect confidentiality via unknown vectors related to Libraries. This vulnerability is different from CVE-2013-2443 and CVE-2013-2452.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84146
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

CVEID: CVE-2013-2436

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Libraries. This vulnerability is different from CVE-2013-1488 and CVE-2013-2426.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83575
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-1571

Description: Remote attackers can affect integrity via unknown vectors related to Javadoc.

CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84715
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N


CVEID: CVE-2013-2468

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Deployment. This vulnerability is different from CVE-2013-2442 and CVE-2013-2466.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85034
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2469

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85032
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2465

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85031
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2464

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D. This vulnerability is different from CVE-2013-2463, CVE-2013-2465, CVE-2013-2469, CVE-2013-2470, CVE-2013-2471, CVE-2013-2472, and CVE-2013-2473.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85030
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2463

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85029
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2473

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85028
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2472

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85027
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2471

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85026
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2470

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85025
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2459

Description: Remote attackers can affect confidentiality, integrity, and availability via vectors related to AWT.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85033
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2466

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Deployment. This vulnerability is different from CVE-2013-2442 and CVE-2013-2468.

CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85035
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2462

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85037
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2460

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Serviceability.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85038
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-3743

Description: Remote attackers can affect confidentiality, integrity, and availability via vectors related to AWT.

CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85036
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2448

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Sound.

CVSS Base Score: 7.6
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85040
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C


CVEID: CVE-2013-2442

Description: Remote attackers can affect confidentiality, integrity, and availability via unknown vectors related to Deployment. This vulnerability is different from CVE-2013-2466 and CVE-2013-2468.

CVSS Base Score: 7.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85041
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P


CVEID: CVE-2013-2454

Description: Remote attackers can affect confidentiality and integrity via vectors related to JDBC.

CVSS Base Score: 5.8
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85045
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N


CVEID: CVE-2013-2458

Description: Remote attackers can affect confidentiality and integrity via unknown vectors related to Libraries.

CVSS Base Score: 5.8
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85046
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N


CVEID: CVE-2013-3744

Description: Remote attackers can affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-2400.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85051
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N


CVEID: CVE-2013-2400

Description: Remote attackers can affect integrity via unknown vectors related to Deployment. This vulnerability is different from CVE-2013-3744.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85050
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N


CVEID: CVE-2013-2456

Description: Remote attackers can affect confidentiality via unknown vectors related to Serialization.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85058
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N


CVEID: CVE-2013-2453

Description: Remote attackers can affect integrity via vectors related to JMX.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85053
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N


CVEID: CVE-2013-2457

Description: Remote attackers can affect integrity via vectors related to JMX.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85052
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N


CVEID: CVE-2013-2455

Description: Remote attackers can affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2452.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84146
CVSS Environmental Score*: 3.7
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N


CVEID: CVE-2013-2412

Description: Remote attackers can affect confidentiality via unknown vectors related to Serviceability.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85059
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N


CVEID: CVE-2013-2443

Description: Remote attackers can affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2452 and CVE-2013-2455.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85054
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N


CVEID: CVE-2013-2447

Description: Remote attackers can affect confidentiality via unknown vectors related to Networking.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85056
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N


CVEID: CVE-2013-2437

Description: Remote attackers can affect confidentiality via unknown vectors related to Deployment.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85049
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N


CVEID: CVE-2013-2444

Description: Remote attackers can affect availability via vectors related to AWT.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85047
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P


CVEID: CVE-2013-2452

Description: Remote attackers can affect confidentiality via unknown vectors related to Libraries, a different vulnerability than CVE-2013-2443 and CVE-2013-2455.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85055
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N


CVEID: CVE-2013-2446

Description: Remote attackers can affect confidentiality via vectors related to CORBA.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85048
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N


CVEID: CVE-2013-2450

Description: Remote attackers can affect availability via unknown vectors related to Serialization.

CVSS Base Score: 5.0
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85057
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P


CVEID: CVE-2013-2449

Description: Remote attackers can affect confidentiality via unknown vectors related to Libraries.

CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85060
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N


CVEID: CVE-2013-2451

Description: Local users can affect confidentiality, integrity, and availability via unknown vectors related to Networking.

CVSS Base Score: 3.7
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85061
CVSS Environmental Score*: Undefined
CVSS Vector: AV:L/AC:H/Au:N/C:P/I:P/A:P


CVEID: CVE-2013-1500

Description: Local users can affect confidentiality and integrity via unknown vectors related to 2D.

CVSS Base Score: 3.6
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85062
CVSS Environmental Score*: Undefined
CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:N


CVEID: CVE-2013-4002

Description: Remote attackers can affect availability via unknown vectors.

CVSS Base Score: 7.1
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85260
CVSS Environmental Score*: Undefined
CVSS Vector: AV:N/AC:M/Au:N/C:N/I:N/A:C

Affected Products and Versions

Versions 8.0 through 8.5 of Rational Functional Tester are affected.

Remediation/Fixes

Fixes are available in IBM JRE 7.0 Service Release 5 and in the latest Java 7.0 patches. You can download from the IBM Java website and configure RFT to use it.

Upgrade to Rational Functional Tester 8.5.1.1 which ships with IBM Java 7.0 Service Release 6 and addresses this security issue.

Workarounds and Mitigations

None

References

Related information

Acknowledgement

None

Change History

* 30 August 2013 - Original copy published

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

Rate this page:

(0 users)Average rating

Document information


More support for:

Rational Functional Tester
General Information

Software version:

8.0, 8.0.0.1, 8.0.0.2, 8.0.0.3, 8.0.0.4, 8.1, 8.1.0.1, 8.1.0.2, 8.1.0.3, 8.1.1, 8.1.1.1, 8.1.1.2, 8.1.1.3, 8.2, 8.2.0.1, 8.2.0.2, 8.2.1, 8.2.1.1, 8.2.2, 8.2.2.1, 8.3, 8.3.0.1, 8.3.0.2, 8.5, 8.5.0.1, 8.5.1

Operating system(s):

Linux, Windows

Reference #:

1642768

Modified date:

2013-08-30

Translate my page

Machine Translation

Content navigation