CVE-2014-6587

Current Description

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Basic Data

PublishedJanuary 21, 2015
Last ModifiedDecember 22, 2016
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-noinfo
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:L/Au:S/C:P/I:P/A:P
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationSINGLE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score4.3
SeverityMEDIUM
Exploitability Score3.1
Impact Score6.4
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationOracleJdk1.6.0update_85******
    2.3ApplicationOracleJdk1.7.0update_72******
    2.3ApplicationOracleJdk1.8.0update_25******
    2.3ApplicationOracleJre1.6.0update_85******
    2.3ApplicationOracleJre1.7.0update_72******
    2.3ApplicationOracleJre1.8.0update_25******

Vulnerable Software List

VendorProductVersions
Oracle Jre 1.6.0, 1.7.0, 1.8.0
Oracle Jdk 1.6.0, 1.7.0, 1.8.0

References

NameSourceURLTags
HPSBUX03281http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581HP
openSUSE-SU-2015:0190http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.htmlSUSE
SUSE-SU-2015:0336http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.htmlSUSE
SUSE-SU-2015:0503http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.htmlSUSE
SSRT101951http://marc.info/?l=bugtraq&m=142496355704097&w=2HP
SSRT101968http://marc.info/?l=bugtraq&m=142607790919348&w=2HP
RHSA-2015:0068http://rhn.redhat.com/errata/RHSA-2015-0068.htmlREDHAT
RHSA-2015:0079http://rhn.redhat.com/errata/RHSA-2015-0079.htmlREDHAT
RHSA-2015:0080http://rhn.redhat.com/errata/RHSA-2015-0080.htmlREDHAT
RHSA-2015:0085http://rhn.redhat.com/errata/RHSA-2015-0085.htmlREDHAT
RHSA-2015:0086http://rhn.redhat.com/errata/RHSA-2015-0086.htmlREDHAT
RHSA-2015:0264http://rhn.redhat.com/errata/RHSA-2015-0264.htmlREDHAT
DSA-3144http://www.debian.org/security/2015/dsa-3144DEBIAN
DSA-3147http://www.debian.org/security/2015/dsa-3147DEBIAN
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlCONFIRMPATCH Vendor Advisory
72168http://www.securityfocus.com/bid/72168BID
1031580http://www.securitytracker.com/id/1031580SECTRACK
USN-2486-1http://www.ubuntu.com/usn/USN-2486-1UBUNTU
USN-2487-1http://www.ubuntu.com/usn/USN-2487-1UBUNTU
http://www.vmware.com/security/advisories/VMSA-2015-0003.htmlhttp://www.vmware.com/security/advisories/VMSA-2015-0003.htmlCONFIRM
GLSA-201507-14https://security.gentoo.org/glsa/201507-14GENTOO
GLSA-201603-14https://security.gentoo.org/glsa/201603-14GENTOO
https://www-304.ibm.com/support/docview.wss?uid=swg21695474https://www-304.ibm.com/support/docview.wss?uid=swg21695474CONFIRM