CVE-2006-0614 — JRE vulnerability

3 documents3 sources

Severity

6.4MEDIUMNVD

EPSS

7.0%

top 8.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN JRE SUN SDK SUN JDK

Timeline

PublishedFeb 9

Latest updateMay 1

Description

Unspecified vulnerability in Sun Java JDK and JRE 5.0 Update 3 and earlier, SDK and JRE 1.3.x through 1.3.1_16 and 1.4.x through 1.4.2_08 allows remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "first issue."

CVSS vector

AV:N/AC:L/C:P/I:P/A:NExploitability: 10.0 | Impact: 4.9

Affected Packages3 packages

▶NVDsun/jre1.3.0 — 1.3.1_16+2

▶NVDsun/sdk1.3.0 — 1.3.1_16+1

▶NVDsun/jdk5.0

Patches

Patch: sunsolve.sun.com ↗Patch: sunsolve.sun.com ↗

🔴Vulnerability Details

GHSA

GHSA-5cw4-xh6q-297m: Unspecified vulnerability in Sun Java JDK and JRE 5↗2022-05-01

▶

CVEList

CVE-2006-0614: Unspecified vulnerability in Sun Java JDK and JRE 5↗2006-02-09

▶