PT-2014-5059 · Ibm+2 · Java Runtime Environment+3
Publicado
2014-10-26
·
Atualizado
2015-03-18
·
CVE-2014-3065
CVSS v2.0
6.9
Média
| Vetor | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM Java Runtime Environment (JRE) versions 7.0.0 through 7.1.2.0
IBM Java Runtime Environment (JRE) versions 7.0.0 through 7.0.8.0
IBM Java Runtime Environment (JRE) versions 6.0.0 through 6.1.8.2
IBM Java Runtime Environment (JRE) versions 6.0.0 through 6.0.16.2
IBM Java Runtime Environment (JRE) versions 5.0.0 through 5.0.16.8
Description
The issue allows local users to execute arbitrary code via vectors related to the shared classes cache. It is also related to the POODLE SSLv3 vulnerability and an additional unspecified vulnerability.
Recommendations
For versions 7.0.0 through 7.1.2.0, update to a version after 7.1.2.0.
For versions 7.0.0 through 7.0.8.0, update to a version after 7.0.8.0.
For versions 6.0.0 through 6.1.8.2, update to a version after 6.1.8.2.
For versions 6.0.0 through 6.0.16.2, update to a version after 6.0.16.2.
For versions 5.0.0 through 5.0.16.8, update to a version after 5.0.16.8.
Exploit
Correção
Code Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Aix
Java Runtime Environment
Red Hat
Suse