CVE-2013-2035
Published Aug 28, 2013
Last updated 10 years ago
Overview
- Description
- Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4.4
- Impact score
- 6.4
- Exploitability score
- 3.4
- Vector string
- AV:L/AC:M/Au:N/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-94
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:hawtjni:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "769B44C8-CDCD-4C7D-8973-5C5DDAA9094F",
"versionEndIncluding": "1.7"
},
{
"criteria": "cpe:2.3:a:redhat:hawtjni:1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "25DBA7F9-4177-4AF8-AAD5-DC4027F020DC"
},
{
"criteria": "cpe:2.3:a:redhat:hawtjni:1.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E4FD38A-4D4F-4369-B6E2-AD2E50A8F889"
},
{
"criteria": "cpe:2.3:a:redhat:hawtjni:1.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1966148-E36A-427B-90FF-E7250C3D7645"
},
{
"criteria": "cpe:2.3:a:redhat:hawtjni:1.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F332821B-AFD7-41B1-AFE5-ECEE08C2D8BF"
},
{
"criteria": "cpe:2.3:a:redhat:hawtjni:1.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "83996644-8ED7-4678-8CB9-8CA3D4C40025"
},
{
"criteria": "cpe:2.3:a:redhat:hawtjni:1.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D8632FC-0843-4C52-BB67-BD5181FF2293"
},
{
"criteria": "cpe:2.3:a:redhat:hawtjni:1.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "27A5B63E-1CD9-4D57-A46B-A196683604FD"
}
],
"operator": "OR"
}
]
}
]