PT-2014-1630 · Oracle+6 · Oracle Java Se Embedded+8

Publicado

2014-10-14

·

Atualizado

2024-06-15

·

CVE-2014-6502

CVSS v2.0

2.6

Baixa

VetorAV:N/AC:H/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 5.0u71, 6u81, 7u67, and 8u20 Oracle Java SE Embedded version 7u60
Description The issue allows remote attackers to affect data integrity via unknown vectors related to Libraries. It enables a remote attacker to compromise data integrity.
Recommendations For Oracle Java SE versions 5.0u71, 6u81, 7u67, and 8u20, update to a version that is not affected by this issue. For Oracle Java SE Embedded version 7u60, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to the Libraries component until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-17

Identificadores relacionados

BDU:2015-00548
BDU:2015-00589
CESA-2014_1620
CESA-2014_1634
CESA-2014_1636
CVE-2014-6502
DLA-96-1
DSA-3077-1
DSA-3080-1
HPSBUX03218
MGASA-2014-0422
OPENSUSE-SU-2024:10534-1
RHSA-2014:1620
RHSA-2014:1633
RHSA-2014:1634
RHSA-2014:1636
RHSA-2014:1657
RHSA-2014:1658
RHSA-2014:1876
RHSA-2014:1877
RHSA-2014:1880
RHSA-2014:1881
RHSA-2014:1882
RHSA-2014_1620
RHSA-2014_1633
RHSA-2014_1634
RHSA-2014_1636
RHSA-2014_1657
RHSA-2014_1658
RHSA-2014_1877
RHSA-2014_1880
RHSA-2014_1881
RHSA-2014_1882
RHSA-2015:0264
USN-2386-1
USN-2388-1
USN-2388-2

Produtos afetados

Centos
Hp-Ux
Ibm Aix
Java Platform
Oracle Java Se
Oracle Java Se Embedded
Red Hat
Suse
Ubuntu