PT-2014-1636 · Oracle+4 · Jdk+7

Published

2014-10-14

Updated

2022-05-13

CVE-2014-6515

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 6u81, 7u67, and 8u20 Oracle JDK (affected versions not specified) Oracle JRE (affected versions not specified)

Description The issue allows a remote attacker to compromise data integrity using a subcomponent of Deployment. It affects the Java SE platform, potentially allowing unauthorized access or modification of data. The estimated number of potentially affected devices worldwide is not specified. Details about real-world incidents where this issue was exploited are not provided.

Recommendations For Oracle Java SE versions 6u81, 7u67, and 8u20: update to a version that is not affected by this issue. For Oracle JDK: at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Oracle JRE: at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-17

Related Identifiers

BDU:2015-00554

CVE-2014-6515

HPSBUX03218

RHSA-2014:1657

RHSA-2014:1658

RHSA-2014:1876

RHSA-2014:1877

RHSA-2014:1880

RHSA-2014:1882

RHSA-2014_1657

RHSA-2014_1658

RHSA-2014_1877

RHSA-2014_1880

RHSA-2014_1882

RHSA-2015:0264

Affected Products

Hp-Ux

Ibm Aix

Jdk

Jre

Java Platform

Java Se

Red Hat

Suse

PT-2014-1636 · Oracle+4 · Jdk+7

CVE-2014-6515

Weakness Enumeration

Related Identifiers

Affected Products

References · 110