CVE-2014-6506

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
oraclejdk
1.5.0
oraclejdk
1.6.0
oraclejdk
1.7.0
oraclejre
1.5.0
oraclejre
1.6.0
oraclejre
1.7.0
oraclejre
1.7.0
oraclejre
1.8.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openjdk-8
sid
8u432-b06-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openjdk-6
lucid
Fixed 6b33-1.13.5-1ubuntu0.10.04
released
precise
Fixed 6b33-1.13.5-1ubuntu0.12.04
released
trusty
Fixed 6b33-1.13.5-1ubuntu0.14.04
released
utopic
not-affected
openjdk-7
lucid
dne
precise
Fixed 7u71-2.5.3-0ubuntu0.12.04.1
released
trusty
Fixed 7u71-2.5.3-0ubuntu0.14.04.1
released
utopic
Fixed 7u71-2.5.3-0ubuntu1
released
openjdk-8
lucid
dne
precise
dne
trusty
dne
utopic
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
java-1_7_0-openjdk
suse enterprise sap 12
1.7.0.71-6.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.71-6.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-demo
suse enterprise sap 12
1.7.0.71-6.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.71-6.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-devel
suse enterprise sap 12
1.7.0.71-6.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.71-6.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-headless
suse enterprise sap 12
1.7.0.71-6.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.71-6.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.5.0-ibm
RHEL 6
1:1.5.0.16.8-1jpp.1.el6_6
fixed
java-1.5.0-ibm-demo
RHEL 6
1:1.5.0.16.8-1jpp.1.el6_6
fixed
java-1.5.0-ibm-devel
RHEL 6
1:1.5.0.16.8-1jpp.1.el6_6
fixed
java-1.5.0-ibm-javacomm
RHEL 6
1:1.5.0.16.8-1jpp.1.el6_6
fixed
java-1.5.0-ibm-jdbc
RHEL 6
1:1.5.0.16.8-1jpp.1.el6_6
fixed
java-1.5.0-ibm-plugin
RHEL 6
1:1.5.0.16.8-1jpp.1.el6_6
fixed
java-1.5.0-ibm-src
RHEL 6
1:1.5.0.16.8-1jpp.1.el6_6
fixed
java-1.6.0-ibm
RHEL 6
1:1.6.0.16.2-1jpp.1.el6_6
fixed
java-1.6.0-ibm-demo
RHEL 6
1:1.6.0.16.2-1jpp.1.el6_6
fixed
java-1.6.0-ibm-devel
RHEL 6
1:1.6.0.16.2-1jpp.1.el6_6
fixed
java-1.6.0-ibm-javacomm
RHEL 6
1:1.6.0.16.2-1jpp.1.el6_6
fixed
java-1.6.0-ibm-jdbc
RHEL 6
1:1.6.0.16.2-1jpp.1.el6_6
fixed
java-1.6.0-ibm-plugin
RHEL 6
1:1.6.0.16.2-1jpp.1.el6_6
fixed
java-1.6.0-ibm-src
RHEL 6
1:1.6.0.16.2-1jpp.1.el6_6
fixed
java-1.6.0-openjdk
RHEL 6
1:1.6.0.33-1.13.5.0.el6_6
fixed
RHEL 7
1:1.6.0.33-1.13.5.0.el7_0
fixed
java-1.6.0-openjdk-demo
RHEL 6
1:1.6.0.33-1.13.5.0.el6_6
fixed
RHEL 7
1:1.6.0.33-1.13.5.0.el7_0
fixed
java-1.6.0-openjdk-devel
RHEL 6
1:1.6.0.33-1.13.5.0.el6_6
fixed
RHEL 7
1:1.6.0.33-1.13.5.0.el7_0
fixed
java-1.6.0-openjdk-javadoc
RHEL 6
1:1.6.0.33-1.13.5.0.el6_6
fixed
RHEL 7
1:1.6.0.33-1.13.5.0.el7_0
fixed
java-1.6.0-openjdk-src
RHEL 6
1:1.6.0.33-1.13.5.0.el6_6
fixed
RHEL 7
1:1.6.0.33-1.13.5.0.el7_0
fixed
java-1.7.0-ibm
RHEL 6
1:1.7.0.8.0-1jpp.1.el6_6
fixed
java-1.7.0-ibm-demo
RHEL 6
1:1.7.0.8.0-1jpp.1.el6_6
fixed
java-1.7.0-ibm-devel
RHEL 6
1:1.7.0.8.0-1jpp.1.el6_6
fixed
java-1.7.0-ibm-jdbc
RHEL 6
1:1.7.0.8.0-1jpp.1.el6_6
fixed
java-1.7.0-ibm-plugin
RHEL 6
1:1.7.0.8.0-1jpp.1.el6_6
fixed
java-1.7.0-ibm-src
RHEL 6
1:1.7.0.8.0-1jpp.1.el6_6
fixed
java-1.7.0-openjdk
RHEL 6
1:1.7.0.71-2.5.3.1.el6
fixed
RHEL 7
1:1.7.0.71-2.5.3.1.el7_0
fixed
java-1.7.0-openjdk-accessibility
RHEL 7
1:1.7.0.71-2.5.3.1.el7_0
fixed
java-1.7.0-openjdk-demo
RHEL 6
1:1.7.0.71-2.5.3.1.el6
fixed
RHEL 7
1:1.7.0.71-2.5.3.1.el7_0
fixed
java-1.7.0-openjdk-devel
RHEL 6
1:1.7.0.71-2.5.3.1.el6
fixed
RHEL 7
1:1.7.0.71-2.5.3.1.el7_0
fixed
java-1.7.0-openjdk-headless
RHEL 7
1:1.7.0.71-2.5.3.1.el7_0
fixed
java-1.7.0-openjdk-javadoc
RHEL 6
1:1.7.0.71-2.5.3.1.el6
fixed
RHEL 7
1:1.7.0.71-2.5.3.1.el7_0
fixed
java-1.7.0-openjdk-src
RHEL 6
1:1.7.0.71-2.5.3.1.el6
fixed
RHEL 7
1:1.7.0.71-2.5.3.1.el7_0
fixed
java-1.7.1-ibm
RHEL 6
1:1.7.1.2.0-1jpp.3.el6_6
fixed
RHEL 7
1:1.7.1.2.0-1jpp.3.el7_0
fixed
java-1.7.1-ibm-demo
RHEL 6
1:1.7.1.2.0-1jpp.3.el6_6
fixed
RHEL 7
1:1.7.1.2.0-1jpp.3.el7_0
fixed
java-1.7.1-ibm-devel
RHEL 6
1:1.7.1.2.0-1jpp.3.el6_6
fixed
RHEL 7
1:1.7.1.2.0-1jpp.3.el7_0
fixed
java-1.7.1-ibm-jdbc
RHEL 6
1:1.7.1.2.0-1jpp.3.el6_6
fixed
RHEL 7
1:1.7.1.2.0-1jpp.3.el7_0
fixed
java-1.7.1-ibm-plugin
RHEL 6
1:1.7.1.2.0-1jpp.3.el6_6
fixed
RHEL 7
1:1.7.1.2.0-1jpp.3.el7_0
fixed
java-1.7.1-ibm-src
RHEL 6
1:1.7.1.2.0-1jpp.3.el6_6
fixed
RHEL 7
1:1.7.1.2.0-1jpp.3.el7_0
fixed
java-1.8.0-openjdk
RHEL 6
0:1.8.0.25-1.b17.el6
fixed
java-1.8.0-openjdk-demo
RHEL 6
0:1.8.0.25-1.b17.el6
fixed
java-1.8.0-openjdk-devel
RHEL 6
0:1.8.0.25-1.b17.el6
fixed
java-1.8.0-openjdk-headless
RHEL 6
0:1.8.0.25-1.b17.el6
fixed
java-1.8.0-openjdk-javadoc
RHEL 6
0:1.8.0.25-1.b17.el6
fixed
java-1.8.0-openjdk-src
RHEL 6
0:1.8.0.25-1.b17.el6
fixed
References
http://linux.oracle.com/errata/ELSA-2014-1633.html
http://linux.oracle.com/errata/ELSA-2014-1634.html
http://linux.oracle.com/errata/ELSA-2014-1636
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
http://marc.info/?l=bugtraq&m=141775382904016&w=2
http://rhn.redhat.com/errata/RHSA-2014-1620.html
http://rhn.redhat.com/errata/RHSA-2014-1633.html
http://rhn.redhat.com/errata/RHSA-2014-1634.html
http://rhn.redhat.com/errata/RHSA-2014-1636.html
http://rhn.redhat.com/errata/RHSA-2014-1657.html
http://rhn.redhat.com/errata/RHSA-2014-1658.html
http://rhn.redhat.com/errata/RHSA-2014-1876.html
http://rhn.redhat.com/errata/RHSA-2014-1877.html
http://rhn.redhat.com/errata/RHSA-2014-1880.html
http://rhn.redhat.com/errata/RHSA-2014-1881.html
http://rhn.redhat.com/errata/RHSA-2014-1882.html
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://secunia.com/advisories/60414
http://secunia.com/advisories/60416
http://secunia.com/advisories/60417
http://secunia.com/advisories/61018
http://secunia.com/advisories/61020
http://secunia.com/advisories/61143
http://secunia.com/advisories/61163
http://secunia.com/advisories/61164
http://secunia.com/advisories/61346
http://secunia.com/advisories/61609
http://secunia.com/advisories/61629
http://secunia.com/advisories/61928
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www-01.ibm.com/support/docview.wss?uid=swg21688283
http://www.debian.org/security/2014/dsa-3077
http://www.debian.org/security/2014/dsa-3080
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
http://www.securityfocus.com/bid/70556
http://www.ubuntu.com/usn/USN-2386-1
http://www.ubuntu.com/usn/USN-2388-1
http://www.ubuntu.com/usn/USN-2388-2
http://linux.oracle.com/errata/ELSA-2014-1633.html
http://linux.oracle.com/errata/ELSA-2014-1634.html
http://linux.oracle.com/errata/ELSA-2014-1636
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
http://marc.info/?l=bugtraq&m=141775382904016&w=2
http://rhn.redhat.com/errata/RHSA-2014-1620.html
http://rhn.redhat.com/errata/RHSA-2014-1633.html
http://rhn.redhat.com/errata/RHSA-2014-1634.html
http://rhn.redhat.com/errata/RHSA-2014-1636.html
http://rhn.redhat.com/errata/RHSA-2014-1657.html
http://rhn.redhat.com/errata/RHSA-2014-1658.html
http://rhn.redhat.com/errata/RHSA-2014-1876.html
http://rhn.redhat.com/errata/RHSA-2014-1877.html
http://rhn.redhat.com/errata/RHSA-2014-1880.html
http://rhn.redhat.com/errata/RHSA-2014-1881.html
http://rhn.redhat.com/errata/RHSA-2014-1882.html
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://secunia.com/advisories/60414
http://secunia.com/advisories/60416
http://secunia.com/advisories/60417
http://secunia.com/advisories/61018
http://secunia.com/advisories/61020
http://secunia.com/advisories/61143
http://secunia.com/advisories/61163
http://secunia.com/advisories/61164
http://secunia.com/advisories/61346
http://secunia.com/advisories/61609
http://secunia.com/advisories/61629
http://secunia.com/advisories/61928
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www-01.ibm.com/support/docview.wss?uid=swg21688283
http://www.debian.org/security/2014/dsa-3077
http://www.debian.org/security/2014/dsa-3080
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
http://www.securityfocus.com/bid/70556
http://www.ubuntu.com/usn/USN-2386-1
http://www.ubuntu.com/usn/USN-2388-1
http://www.ubuntu.com/usn/USN-2388-2