PT-2015-3901 · Oracle+7 · Java Se Embedded+10

Ramon De C Valle

·

Publicado

2015-01-20

·

Atualizado

2024-06-15

·

CVE-2014-6593

CVSS v2.0

4.0

Média

VetorAV:N/AC:H/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 5.0u75, 6u85, 7u72, and 8u25 Oracle Java SE Embedded versions 7u71 and 8u6 JRockit versions 27.8.4 and 28.3.4
Description The issue affects confidentiality and integrity, allowing remote attackers to exploit it via vectors related to JSSE.
Recommendations For Oracle Java SE versions 5.0u75, 6u85, 7u72, and 8u25, update to a version that is not affected by this issue. For Oracle Java SE Embedded versions 7u71 and 8u6, update to a version that is not affected by this issue. For JRockit versions 27.8.4 and 28.3.4, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to JSSE-related functionality until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CESA-2015_0067
CESA-2015_0069
CESA-2015_0085
CVE-2014-6593
DLA-157-1
DSA-3144-1
DSA-3147-1
HPSBUX03273
HPSBUX03281
MGASA-2015-0037
OPENSUSE-SU-2015_0190-1
OPENSUSE-SU-2024:10534-1
RHSA-2015:0067
RHSA-2015:0068
RHSA-2015:0069
RHSA-2015:0079
RHSA-2015:0080
RHSA-2015:0085
RHSA-2015:0086
RHSA-2015:0133
RHSA-2015:0134
RHSA-2015:0135
RHSA-2015:0136
RHSA-2015:0263
RHSA-2015:0264
RHSA-2015_0067
RHSA-2015_0068
RHSA-2015_0069
RHSA-2015_0079
RHSA-2015_0080
RHSA-2015_0085
RHSA-2015_0086
RHSA-2015_0133
RHSA-2015_0135
RHSA-2015_0136
SUSE-SU-2015:0503-1
USN-2486-1
USN-2487-1

Produtos afetados

Centos
Hp-Ux
Ibm Aix
Jrockit
Java Platform
Java Se
Java Se Embedded
Red Hat
Suse
Ubuntu
Vmware Vcenter