Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-2027

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2013-2027
Last Modified 09 Apr 2015 09:59:01
Published 13 Feb 2015 10:59:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2013-2027

Summary

Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.

Vulnerable Systems

Operating System

  • Novell Opensuse 13.1

  • Novell Opensuse 13.2

Application

  • Jython Project Jython 2.2.1


References

MISC - https://bugzilla.redhat.com/show_bug.cgi?id=947949

SUSE - openSUSE-SU-2015:0269

MANDRIVA - MDVSA-2015:158

CONFIRM - http://advisories.mageia.org/MGASA-2015-0096.html


Last Updated: 27 May 2016 11:08:20