PT-2014-1637 · Oracle+4 · Java Se+5

Publicado

2014-10-14

·

Atualizado

2022-05-13

·

CVE-2014-6458

CVSS v2.0

6.9

Média

VetorAV:L/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 6u81, 7u67, and 8u20
Description The issue allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the Deployment component. This can lead to a disruption in data confidentiality, integrity, and availability.
Recommendations For Oracle Java SE version 6u81, update to a version that includes the fix for this issue. For Oracle Java SE version 7u67, update to a version that includes the fix for this issue. For Oracle Java SE version 8u20, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the Deployment component until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-17

Identificadores relacionados

BDU:2015-00555
CVE-2014-6458
HPSBUX03218
RHSA-2014:1657
RHSA-2014:1658
RHSA-2014:1876
RHSA-2014:1877
RHSA-2014:1880
RHSA-2014:1882
RHSA-2014_1657
RHSA-2014_1658
RHSA-2014_1877
RHSA-2014_1880
RHSA-2014_1882
RHSA-2015:0264

Produtos afetados

Hp-Ux
Ibm Aix
Java Platform
Java Se
Red Hat
Suse