Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-6549

Опубликовано: 20 янв. 2015
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5java-1.6.0-openjdkNot affected
Red Hat Enterprise Linux 5java-1.6.0-sunNot affected
Red Hat Enterprise Linux 5java-1.7.0-openjdkNot affected
Red Hat Enterprise Linux 5java-1.7.0-oracleNot affected
Red Hat Enterprise Linux 6java-1.6.0-openjdkNot affected
Red Hat Enterprise Linux 6java-1.6.0-sunNot affected
Red Hat Enterprise Linux 6java-1.7.0-openjdkNot affected
Red Hat Enterprise Linux 6java-1.7.0-oracleNot affected
Red Hat Enterprise Linux 7java-1.6.0-openjdkNot affected
Red Hat Enterprise Linux 7java-1.6.0-sunNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
https://bugzilla.redhat.com/show_bug.cgi?id=1183660OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314)

EPSS

Процентиль: 77%
0.01071
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-6549

ubuntu
больше 10 лет назад

Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

nvd логотип

CVE-2014-6549

nvd
больше 10 лет назад

Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

debian логотип

CVE-2014-6549

debian
больше 10 лет назад

Unspecified vulnerability in Oracle Java SE 8u25 allows remote attacke ...

github логотип

GHSA-x6cv-xr7v-j9fw

github
больше 3 лет назад

Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

oracle-oval логотип

ELSA-2015-0069

oracle-oval
больше 10 лет назад

ELSA-2015-0069: java-1.8.0-openjdk security update (IMPORTANT)

EPSS

Процентиль: 77%
0.01071
Низкий

6.8 Medium

CVSS2