Security Bulletin: Rational Host On-Demand clients affected by vulnerabilities in IBM JRE

Security Bulletin


Summary

IBM Rational Host On-Demand provides a Java JRE as part of its server package for clients to download and install on client machines. The vulnerabilities are only applicable to client-side Java deployments where untrusted code may be executed (such as Java applets running in a web browser). Server applications such as Host On-Demand server are not vulnerable.

Vulnerability Details


CVE ID: CVE-2013-3012, CVE-2013-3011, CVE-2013-3010, CVE-2013-3009, CVE-2013-3008, CVE-2013-3007, CVE-2013-3006, CVE-2013-2455, CVE-2013-2436, CVE-2013-2467, CVE-2013-2466, CVE-2013-2468, CVE-2013-2462, CVE-2013-3743, CVE-2013-2400, CVE-2013-3744, CVE-2013-1571, CVE-2013-2437, CVE-2013-2443, CVE-2013-1500, CVE-2013-2442, CVE-2013-4002

Description: There are a number of vulnerabilities in the affected IBM Java SDK versions that affect various components; some of the issues need to be combined in sequence to achieve an exploit. This occurs when the affected JRE is installed as the system JRE.

This advisory is only applicable to client-side Java deployments where untrusted code may be executed (such as Java applets running in a web browser).

The vulnerabilities work by exploiting weaknesses in the internal implementation of various IBM SDK components. Some of the weaknesses need to be combined in sequence to achieve an exploit. All of the issues are only applicable to scenarios in which untrusted code is executed under a security manager. The exploits allow untrusted code to elevate its privileges by modifying or removing the security manager.
The most common vulnerable use case is a JRE running an untrusted Java applet or Java Web Start application. This occurs when the affected JRE is installed as the system JRE.


CVEID: CVE-2013-2436
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/83575
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2455
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84146
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-3006
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84147
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3007
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84148
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3008
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84149
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3009
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84150
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3010
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84151
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3011
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84152
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3012
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84153
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2467
CVSS Base Score: 6.9
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85043
CVSS Vector: (AV:L/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2466
CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85035
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2468
CVSS Base Score: 10
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85034
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2462
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85037
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-3743
CVSS Base Score: 9.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85036
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

CVEID: CVE-2013-2400
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85050
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-3744
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85051
CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-1571
CVSS Base Score: 4.3
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/84715
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID: CVE-2013-2437
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85049
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-2443
CVSS Base Score: 5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85054
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

CVEID: CVE-2013-1500
CVSS Base Score: 3.6
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85062
CVSS Vector: (AV:L/AC:L/Au:N/C:P/I:P/A:N)

CVEID: CVE-2013-2442
CVSS Base Score: 7.5
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85041
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

CVEID: CVE-2013-4002
CVSS Base Score: 7.1
CVSS Temporal Score: See http://xforce.iss.net/xforce/xfdb/85260
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:C)

Affected Products

IBM JRE shipped with Host On-Demand 11.0.0 through 11.0.8

Remediation/Fixes

Upgrade IBM JRE to 1.7 SR5 or later on the client machines or switch to the Oracle JRE.

Review technote 1317268, "How to replace the IBM JRE on the Host On-Demand Server", for more details.
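To confirm which client machines still need the upgrade, an inventory script can classify the output of `java -version` against the 1.7 SR5 level this bulletin names as fixed. The following is an added example, not IBM's code: it assumes that IBM's Runtime Environment line carries an "(SRn)" or "(SRn FPm)" suffix and that the VM line contains "IBM J9", and the three sample outputs are constructed for illustration rather than captured from real machines.

```python
"""Classify a client's installed JRE against this bulletin's fix level.

Added example (not IBM's code). Parses the text printed by ``java -version``
and reports whether an IBM JRE is below 1.7 SR5, the level the bulletin names
as fixed. ASSUMPTION: IBM's build string ends the Runtime Environment line
with "(SRn)" or "(SRn FPm)" and the VM line contains "IBM J9". The sample
outputs are constructed, not captured from real systems.
"""
import re
import subprocess
from typing import Optional

FIXED_MAJOR = (1, 7)   # bulletin: upgrade to IBM JRE 1.7 SR5 or later
FIXED_SR = 5

VERSION_RE = re.compile(r'java version "(\d+)\.(\d+)')
SR_RE = re.compile(r"\(SR(\d+)(?:\s*FP(\d+))?\)")   # assumed IBM build-string form


def parse_java_version(text: str) -> dict:
    """Extract vendor, major version and service-refresh level from java -version output."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError("no 'java version' line found")
    major = (int(m.group(1)), int(m.group(2)))
    is_ibm = "IBM J9" in text
    sr = None
    if is_ibm:
        s = SR_RE.search(text)
        sr = int(s.group(1)) if s else 0   # no SR tag: treat as the base (SR0) release
    return {"vendor": "IBM" if is_ibm else "other", "major": major, "sr": sr}


def is_vulnerable(info: dict) -> Optional[bool]:
    """True if an IBM JRE is below 1.7 SR5; None for non-IBM JREs (outside this bulletin)."""
    if info["vendor"] != "IBM":
        return None
    if info["major"] < FIXED_MAJOR:
        return True
    if info["major"] == FIXED_MAJOR:
        return info["sr"] < FIXED_SR
    return False


def classify(text: str) -> str:
    """Human-readable verdict for one java -version output."""
    info = parse_java_version(text)
    verdict = is_vulnerable(info)
    if verdict is None:
        return "not an IBM JRE; bulletin does not apply"
    level = f"{info['major'][0]}.{info['major'][1]} SR{info['sr']}"
    return f"IBM JRE {level}: {'UPGRADE REQUIRED' if verdict else 'at or above fix level'}"


def local_java_version() -> str:
    """Run the installed java and return its version banner (printed on stderr)."""
    try:
        p = subprocess.run(["java", "-version"], capture_output=True, text=True)
    except FileNotFoundError:
        return ""
    return p.stderr + p.stdout


# Constructed sample outputs (not captured from real machines).
SAMPLE_IBM_SR4_FP1 = """java version "1.7.0"
Java(TM) SE Runtime Environment (build pwa6470sr4fp1-20130325_01(SR4 FP1))
IBM J9 VM (build 2.6, JRE 1.7.0 Windows 7 amd64-64 20130322_142275 (JIT enabled, AOT enabled)
"""
SAMPLE_IBM_SR5 = """java version "1.7.0"
Java(TM) SE Runtime Environment (build pwa6470sr5-20130619_01(SR5))
IBM J9 VM (build 2.6, JRE 1.7.0 Windows 7 amd64-64 20130617_152572 (JIT enabled, AOT enabled)
"""
SAMPLE_IBM_16 = """java version "1.6.0"
Java(TM) SE Runtime Environment (build pwa6460sr13-20130114_01(SR13))
IBM J9 VM (build 2.4, JRE 1.6.0 IBM J9 2.4 Windows 7 amd64-64 jvmwa6460sr13-20130114_01 (JIT enabled, AOT enabled)
"""
SAMPLE_ORACLE = """java version "1.7.0_25"
Java(TM) SE Runtime Environment (build 1.7.0_25-b15)
Java HotSpot(TM) 64-Bit Server VM (build 23.25-b01, mixed mode)
"""

if __name__ == "__main__":
    for name, sample in [("SR4 FP1", SAMPLE_IBM_SR4_FP1), ("SR5", SAMPLE_IBM_SR5),
                         ("1.6", SAMPLE_IBM_16), ("Oracle", SAMPLE_ORACLE)]:
        print(f"{name:8} -> {classify(sample)}")
    banner = local_java_version()
    if banner:
        print(f"local    -> {classify(banner)}")
```

The 1.6 sample is reported as needing the upgrade because the bulletin names 1.7 SR5 as the fix level and says nothing about an earlier stream; a fix-pack suffix such as "FP1" on an SR4 build does not raise it to SR5. Oracle JREs are reported as out of scope, matching the bulletin's alternative of switching to the Oracle JRE.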

Workarounds/Mitigations

Do not visit untrusted websites while the browser has a vulnerable JRE enabled.

References:

Complete CVSS Guide
On-line Calculator V2


ACKNOWLEDGEMENT:
None

Related information

IBM Secure Engineering Web Portal
IBM Product Security Incident Response Blog

Change History

* 18 July 2013: Original copy published

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Note: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an "industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response." IBM PROVIDES THE CVSS SCORES "AS IS" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.


Document information


More support for:

Rational Host On-Demand
General Information

Software version:

11.0, 11.0.1.0, 11.0.2.0, 11.0.3.0, 11.0.4.0, 11.0.5.0, 11.0.5.1, 11.0.6, 11.0.6.1, 11.0.7, 11.0.8

Operating system(s):

Windows

Reference #:

1644197

Modified date:

2013-07-18
