Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMEB3A4A20C4DFE5B47A1C4EEC58A68693027B5C7A19A76A6B6FAE9E3EFEBFC784
HistorySep 25, 2022 - 11:13 p.m.

Security Bulletin: The IBM Data Studio Help System may display debug information if an input parameter is out of range.

2022-09-2523:13:40
www.ibm.com
6
ibm data studio
eclipse 3.6
vulnerability
debug information
input parameter
out-of-range
microsoft windows
linux
upgrade
information center

EPSS

0.003

Percentile

69.1%

JSON

Abstract

IBM Data Studio version 3.1.1 and 3.2 include Eclipse 3.6 components that provide functionality to display the help. These components have a potential vulnerability where debug information may be displayed if an input parameter is out of range.

Content

VULNERABILITY DETAILS: CVE ID:****
CVE-2013-0599

CVSS:_ _
CVSS Base Score: 5.0
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/83613 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/AU:N/C:P/I:N/A:N)

AFFECTED PRODUCTS:
IBM Data Studio v3.1.1 and v3.2 running on Microsoft Windows or Linux operating systems.

REMEDIATION: Fix(es):
Upgrade to IBM Data Studio v4.1 at http://www.ibm.com/developerworks/downloads/im/data/

Workaround(s):
Use the publicly available Data Studio v4.1 Information Center at http://pic.dhe.ibm.com/infocenter/dstudio/v4r1/index.jsp

Mitigations(s):
None known.

REFERENCES:
ยท Complete CVSS Guide_ _
ยท On-line Calculator V2
ยท X-Force Vulnerability Database (83613)_ _
ยท CVE-2013-0599

RELATED INFORMATION:
IBM Secure Engineering Web Portal
IBM Product Security Incident Response Program

CHANGE HISTORY:
14 June 2013: Original publication

_*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. _

_Note: _According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an โ€œindustry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.โ€ IBM PROVIDES THE CVSS SCORES โ€œAS ISโ€ WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.

[{โ€œProductโ€:{โ€œcodeโ€:โ€œSS62YDโ€,โ€œlabelโ€:โ€œIBM Data Studioโ€},โ€œBusiness Unitโ€:{โ€œcodeโ€:โ€œBU059โ€,โ€œlabelโ€:โ€œIBM Software w/o TPSโ€},โ€œComponentโ€:โ€œGeneralโ€,โ€œPlatformโ€:[{โ€œcodeโ€:โ€œPF016โ€,โ€œlabelโ€:โ€œLinuxโ€},{โ€œcodeโ€:โ€œPF033โ€,โ€œlabelโ€:โ€œWindowsโ€}],โ€œVersionโ€:โ€œ3.1.1;3.2โ€,โ€œEditionโ€:โ€œโ€,โ€œLine of Businessโ€:{โ€œcodeโ€:โ€œLOB10โ€,โ€œlabelโ€:โ€œData and AIโ€}}]

Related

ibm 14
prion 1
nvd 1
cvelist 1
cve 1
nessus 1
ibm
ibm
Security Bulletin: The embedded help system in IBM InfoSphere Streams contains a potential vulnerability (CVE-2013-0599)
2022-09-25 21:06:56
Security Bulletin: Vulnerability in Rational Rhapsody Help System (CVE-2013-0599) affecting Rational Rhapsody and Rational Rhapsody Design Manager
2022-05-27 20:55:12
Security Bulletin: Vulnerability in Rational Directory Server help files system with potential for debug info in error message (CVE-2013-0599)
2018-06-17 04:45:16
prion
prion
Code injection
2013-05-28 16:55:00
nvd
nvd
CVE-2013-0599
2013-05-28 16:55:01
cvelist
cvelist
CVE-2013-0599
2013-05-28 16:00:00
cve
cve
CVE-2013-0599
2013-05-28 16:55:01
nessus
nessus
IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.1 Multiple Vulnerabilities
2013-12-05 00:00:00

EPSS

0.003

Percentile

69.1%

JSON
Related for EB3A4A20C4DFE5B47A1C4EEC58A68693027B5C7A19A76A6B6FAE9E3EFEBFC784
ibm14prion1nvd1cvelist1cve1nessus1