Published: 13/02/2015 Updated: 30/10/2018

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

VMScore: 410

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
opensuse opensuse 13.1
opensuse opensuse 13.2
jython project jython 2.2.1

Debian Bug report logs - #777079 jython: CVE-2013-2027 Package: src:jython; Maintainer for src:jython is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 4 Feb 2015 20:12:01 UTC Severity: important Tags: security, upstream Found ...

Jython 221 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors ...

CWE-264 https://bugzilla.redhat.com/show_bug.cgi?id=947949 http://lists.opensuse.org/opensuse-updates/2015-02/msg00055.html http://www.mandriva.com/security/advisories?name=MDVSA-2015:158 http://advisories.mageia.org/MGASA-2015-0096.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777079 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2013-2027

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-2027

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect