Vulnerability Database


CVE-2013-3009

The com.ibm.CORBA.iiop.ClientDelegate class in IBM Java 1.4.2 before 1.4.2 SR13-FP18, 5.0 before 5.0 SR16-FP3, 6 before 6 SR14, 6.0.1 before 6.0.1 SR6, and 7 before 7 SR5 improperly exposes the invoke method of the java.lang.reflect.Method class, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to the AccessController doPrivileged block.

  • Published: Jul 23, 2013
  • Updated: Apr 13, 2023
  • CVE: CVE-2013-3009
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

| Software | From | Fixed in |
| --- | --- | --- |
| ibm / java | 1.4.2.13.16 | 1.4.2.13.16.x |
| ibm / java | 1.4.2.13.14 | 1.4.2.13.14.x |
| ibm / java | 1.4.2 | 1.4.2.x |
| ibm / java | 1.4.2.13.5 | 1.4.2.13.5.x |
| ibm / java | 1.4.2.13.13 | 1.4.2.13.13.x |
| ibm / java | 1.4.2.13.4 | 1.4.2.13.4.x |
| ibm / java | 1.4.2.13.11 | 1.4.2.13.11.x |
| ibm / java | 1.4.2.13.9 | 1.4.2.13.9.x |
| ibm / java | 1.4.2.13.15 | 1.4.2.13.15.x |
| ibm / java | 1.4.2.13.2 | 1.4.2.13.2.x |
| ibm / java | 1.4.2.13.7 | 1.4.2.13.7.x |
| ibm / java | 1.4.2.13 | 1.4.2.13.x |
| ibm / java | 1.4.2.13.6 | 1.4.2.13.6.x |
| ibm / java | 1.4.2.13.10 | 1.4.2.13.10.x |
| ibm / java | 1.4.2.13.1 | 1.4.2.13.1.x |
| ibm / java | 1.4.2.13.12 | 1.4.2.13.12.x |
| ibm / java | 1.4.2.13.8 | 1.4.2.13.8.x |
| ibm / java | 1.4.2.13.17 | 1.4.2.13.17.x |
| ibm / java | 1.4.2.13.3 | 1.4.2.13.3.x |
| ibm / java | 7.0.0.0 | 7.0.0.0.x |
| ibm / java | 7.0.2.0 | 7.0.2.0.x |
| ibm / java | 7.0.4.2 | 7.0.4.2.x |
| ibm / java | 7.0.1.0 | 7.0.1.0.x |
| ibm / java | 7.0.4.1 | 7.0.4.1.x |
| ibm / java | 7.0.3.0 | 7.0.3.0.x |
| ibm / java | 7.0.4.0 | 7.0.4.0.x |
| ibm / java | 6.0.3.0 | 6.0.3.0.x |
| ibm / java | 6.0.9.0 | 6.0.9.0.x |
| ibm / java | 6.0.13.0 | 6.0.13.0.x |
| ibm / java | 6.0.10.1 | 6.0.10.1.x |
| ibm / java | 6.0.10.0 | 6.0.10.0.x |
| ibm / java | 6.0.13.2 | 6.0.13.2.x |
| ibm / java | 6.0.6.0 | 6.0.6.0.x |
| ibm / java | 6.0.1.0 | 6.0.1.0.x |
| ibm / java | 6.0.9.1 | 6.0.9.1.x |
| ibm / java | 6.0.12.0 | 6.0.12.0.x |
| ibm / java | 6.0.8.1 | 6.0.8.1.x |
| ibm / java | 6.0.11.0 | 6.0.11.0.x |
| ibm / java | 6.0.5.0 | 6.0.5.0.x |
| ibm / java | 6.0.7.0 | 6.0.7.0.x |
| ibm / java | 6.0.2.0 | 6.0.2.0.x |
| ibm / java | 6.0.13.1 | 6.0.13.1.x |
| ibm / java | 6.0.4.0 | 6.0.4.0.x |
| ibm / java | 6.0.9.2 | 6.0.9.2.x |
| ibm / java | 6.0.8.0 | 6.0.8.0.x |
| ibm / java | 6.0.0.0 | 6.0.0.0.x |
| ibm / java | 5.0.12.2 | 5.0.12.2.x |
| ibm / java | 5.0.12.3 | 5.0.12.3.x |
| ibm / java | 5.0.0.0 | 5.0.0.0.x |
| ibm / java | 5.0.14.0 | 5.0.14.0.x |
| ibm / java | 5.0.11.0 | 5.0.11.0.x |
| ibm / java | 5.0.16.0 | 5.0.16.0.x |
| ibm / java | 5.0.12.1 | 5.0.12.1.x |
| ibm / java | 5.0.13.0 | 5.0.13.0.x |
| ibm / java | 5.0.16.2 | 5.0.16.2.x |
| ibm / java | 5.0.12.4 | 5.0.12.4.x |
| ibm / java | 5.0.11.2 | 5.0.11.2.x |
| ibm / java | 5.0.11.1 | 5.0.11.1.x |
| ibm / java | 5.0.16.1 | 5.0.16.1.x |
| ibm / java | 5.0.12.0 | 5.0.12.0.x |
| ibm / java | 5.0.12.5 | 5.0.12.5.x |
| ibm / java | 5.0.15.0 | 5.0.15.0.x |