CVE-2014-8892

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to bypass intended access permissions and obtain sensitive information via unspecified vectors related to the security manager.

References

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00021.html

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00022.html

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00025.html

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html

http://rhn.redhat.com/errata/RHSA-2015-0136.html

http://rhn.redhat.com/errata/RHSA-2015-0264.html

http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_February_2015

http://www.securityfocus.com/bid/73259

https://bugzilla.redhat.com/show_bug.cgi?id=1189145

https://www-304.ibm.com/support/docview.wss?uid=swg21695474

Details

Source: MITRE

Published: 2015-03-06

Updated: 2019-07-16

Risk Information

CVSS v2

Base Score: 7.8

Vector: AV:N/AC:L/Au:N/C:C/I:N/A:N

Impact Score: 6.9

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
119960SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:0306-1)NessusSuSE Local Security Checks
critical
84260SUSE SLES12 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1073-1) (Bar Mitzvah)NessusSuSE Local Security Checks
critical
81505RHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:0264) (POODLE)NessusRed Hat Local Security Checks
low
81504RHEL 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:0263)NessusRed Hat Local Security Checks
critical
81436SuSE 11.3 Security Update : java-1_7_0-ibm (SAT Patch Number 10300)NessusSuSE Local Security Checks
critical
81435SuSE 11.3 Security Update : java-1_6_0-ibm (SAT Patch Number 10299)NessusSuSE Local Security Checks
critical
81204RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2015:0136)NessusRed Hat Local Security Checks
critical
81203RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2015:0135)NessusRed Hat Local Security Checks
critical
81202RHEL 5 : java-1.7.0-ibm (RHSA-2015:0134)NessusRed Hat Local Security Checks
critical
81201RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2015:0133)NessusRed Hat Local Security Checks
critical