CVE-2014-6458
published 2014-10-15CVE-2014-6458: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors…
medium6.9CVSS 3.1
AVLACMAuNCCICAC
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openjdk-8 | — | — |
| oracle | jdk | — | — |
| oracle | jre | — | — |
| oracle | jre | — | — |
| oracle | jre | — | — |
Red Hat
JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
vendor_redhat·2014-10-14·CVSS 6.9
CVE-2014-6458 [MEDIUM] JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Debian
CVE-2014-6458: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local us...
vendor_debian·2014·CVSS 6.9
CVE-2014-6458 [MEDIUM] CVE-2014-6458: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local us...
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
Scope: local
sid: resolved
GHSA
GHSA-vv95-2f9w-r389: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown
ghsa_unreviewed·2022-05-13
CVE-2014-6458 [MEDIUM] GHSA-vv95-2f9w-r389: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
bugzilla·2014-10-14·CVSS 6.9
CVE-2014-6458 [MEDIUM] CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
CVE-2014-6458 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
Oracle Java SE 6u85, 7u71 and 8u25 fixes an unspecified vulnerability in the Deployment component (CVE-2014-6458). Upstream has CVSSv2 scored this issue as: 6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C
External Reference:
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA
Discussion:
This issue has been addressed in the following products:
Oracle Java for Red Hat Enterprise Linux 7
Oracle Java for Red Hat Enterprise Linux 6
Oracle Java for Red Hat Enterprise Linux 5
Via RHSA-2014:1658 https://rhn.redhat.com/errata/RHSA-2014-1658.html
---
This issue has been addressed in the following products:
Oracle Java for Red Hat Enterprise Linux 7
Oracle Java for Red Hat Enterp
Bugzilla
CVE-2013-6458 qemu: job usage issue in several APIs leading to libvirtd crash
bugzilla·2014-01-06·CVSS 6.8
CVE-2013-6458 [MEDIUM] CVE-2013-6458 qemu: job usage issue in several APIs leading to libvirtd crash
CVE-2013-6458 qemu: job usage issue in several APIs leading to libvirtd crash
A job usage issue in several APIs could allow an attacker who is able to establish a read-only connection to libvirtd to crash libvirtd.
Discussion:
Upstream fix:
http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad
https://bugzilla.redhat.com/show_bug.cgi?id=1043069#c15 notes "I found similar patterns in several other APIs and fixed them by the following commits: v1.2.0-233-gb799259, v1.2.0-234-gf93d2ca, v1.2.0-235-gff5f30b, v1.2.0-236-g3b56425."
---
Created libvirt tracking bugs for this issue:
Affects: fedora-all [bug 1054206]
---
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2014:0103 https://rhn.redhat.com/errata/RHSA
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.htmlhttp://marc.info/?l=bugtraq&m=141775382904016&w=2http://rhn.redhat.com/errata/RHSA-2014-1657.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1658.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1876.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1877.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1880.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1882.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0264.htmlhttp://secunia.com/advisories/61163http://secunia.com/advisories/61164http://secunia.com/advisories/61609http://secunia.com/advisories/61635http://security.gentoo.org/glsa/glsa-201502-12.xmlhttp://www-01.ibm.com/support/docview.wss?uid=swg21688283http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.htmlhttp://www.securityfocus.com/bid/70460http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.htmlhttp://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.htmlhttp://marc.info/?l=bugtraq&m=141775382904016&w=2http://rhn.redhat.com/errata/RHSA-2014-1657.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1658.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1876.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1877.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1880.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1882.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0264.htmlhttp://secunia.com/advisories/61163http://secunia.com/advisories/61164http://secunia.com/advisories/61609http://secunia.com/advisories/61635http://security.gentoo.org/glsa/glsa-201502-12.xmlhttp://www-01.ibm.com/support/docview.wss?uid=swg21688283http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.htmlhttp://www.securityfocus.com/bid/70460
2014-10-15
Published