CVE-2013-2035

Published Aug 28, 2013

Last updated 10 years ago

CVSS info 4.4

Overview

Description: Race condition in hawtjni-runtime/src/main/java/org/fusesource/hawtjni/runtime/Library.java in HawtJNI before 1.8, when a custom library path is not specified, allows local users to execute arbitrary Java code by overwriting a temporary JAR file with a predictable name in /tmp.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.4
Impact score: 6.4
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-94

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:redhat:hawtjni:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "769B44C8-CDCD-4C7D-8973-5C5DDAA9094F",
            "versionEndIncluding": "1.7"
          },
          {
            "criteria": "cpe:2.3:a:redhat:hawtjni:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "25DBA7F9-4177-4AF8-AAD5-DC4027F020DC"
          },
          {
            "criteria": "cpe:2.3:a:redhat:hawtjni:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E4FD38A-4D4F-4369-B6E2-AD2E50A8F889"
          },
          {
            "criteria": "cpe:2.3:a:redhat:hawtjni:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1966148-E36A-427B-90FF-E7250C3D7645"
          },
          {
            "criteria": "cpe:2.3:a:redhat:hawtjni:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F332821B-AFD7-41B1-AFE5-ECEE08C2D8BF"
          },
          {
            "criteria": "cpe:2.3:a:redhat:hawtjni:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "83996644-8ED7-4678-8CB9-8CA3D4C40025"
          },
          {
            "criteria": "cpe:2.3:a:redhat:hawtjni:1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1D8632FC-0843-4C52-BB67-BD5181FF2293"
          },
          {
            "criteria": "cpe:2.3:a:redhat:hawtjni:1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "27A5B63E-1CD9-4D57-A46B-A196683604FD"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References