CVE-2014-3065

EUVD-2014-3086
Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache.
Code Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
Affected Products (NVD)
VendorProductVersion
ibmjava
5.0.0.0
ibmjava
5.0.11.0
ibmjava
5.0.11.1
ibmjava
5.0.11.2
ibmjava
5.0.12.0
ibmjava
5.0.12.1
ibmjava
5.0.12.2
ibmjava
5.0.12.3
ibmjava
5.0.12.4
ibmjava
5.0.12.5
ibmjava
5.0.13.0
ibmjava
5.0.14.0
ibmjava
5.0.15.0
ibmjava
5.0.16.0
ibmjava
5.0.16.1
ibmjava
5.0.16.2
ibmjava
5.0.16.3
ibmjava
6.0.0.0
ibmjava
6.0.1.0
ibmjava
6.0.2.0
ibmjava
6.0.3.0
ibmjava
6.0.4.0
ibmjava
6.0.5.0
ibmjava
6.0.6.0
ibmjava
6.0.7.0
ibmjava
6.0.8.0
ibmjava
6.0.8.1
ibmjava
6.0.9.0
ibmjava
6.0.9.1
ibmjava
6.0.9.2
ibmjava
6.0.10.0
ibmjava
6.0.10.1
ibmjava
6.0.11.0
ibmjava
6.0.12.0
ibmjava
6.0.13.0
ibmjava
6.0.13.1
ibmjava
6.0.13.2
ibmjava
6.0.14.0
ibmjava
7.0.0.0
ibmjava
7.0.1.0
ibmjava
7.0.2.0
ibmjava
7.0.3.0
ibmjava
7.0.4.0
ibmjava
7.0.4.1
ibmjava
7.0.4.2
ibmjava
7.0.5.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
http://rhn.redhat.com/errata/RHSA-2014-1876.html
http://rhn.redhat.com/errata/RHSA-2014-1877.html
http://rhn.redhat.com/errata/RHSA-2014-1880.html
http://rhn.redhat.com/errata/RHSA-2014-1881.html
http://rhn.redhat.com/errata/RHSA-2014-1882.html
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044
http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045
http://www-01.ibm.com/support/docview.wss?uid=swg21688283
http://www.securityfocus.com/bid/71147
https://bugzilla.redhat.com/show_bug.cgi?id=1162554
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
http://rhn.redhat.com/errata/RHSA-2014-1876.html
http://rhn.redhat.com/errata/RHSA-2014-1877.html
http://rhn.redhat.com/errata/RHSA-2014-1880.html
http://rhn.redhat.com/errata/RHSA-2014-1881.html
http://rhn.redhat.com/errata/RHSA-2014-1882.html
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044
http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045
http://www-01.ibm.com/support/docview.wss?uid=swg21688283
http://www.securityfocus.com/bid/71147
https://bugzilla.redhat.com/show_bug.cgi?id=1162554