CVE-2014-6549
published 2015-01-21CVE-2014-6549: Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to…
critical10CVSS 3.1
AVNACLAuNCCICAC
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openjdk-8 | < openjdk-8 8u40~b22-1 (sid) | openjdk-8 8u40~b22-1 (sid) |
| oracle | jdk | — | — |
| oracle | jre | — | — |
Red Hat
OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314)
vendor_redhat·2015-01-20·CVSS 10.0
CVE-2014-6549 [CRITICAL] OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314)
OpenJDK: incorrect class loader permission check in ClassLoader getParent() (Libraries, 8055314)
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
An improper permission check issue was discovered in the Libraries component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.
Package: java-1.6.0-openjdk (Red Hat Enterprise Linux 5) - Not affected
Package: java-1.6.0-sun (Red Hat Enterprise Linux 5) - Not affected
Package: java-1.7.0-openjdk (Red Hat Enterprise Linux 5) - Not affected
Package: java-1.7.0-oracle (Red Hat Enterprise Linux 5) - Not affected
Package: java-1.6.0-openjdk (Red Hat Enterprise Linux 6
Debian
CVE-2014-6549: openjdk-8 - Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affe...
vendor_debian·2014·CVSS 10.0
CVE-2014-6549 [CRITICAL] CVE-2014-6549: openjdk-8 - Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affe...
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
Scope: local
sid: resolved (fixed in 8u40~b22-1)
GHSA
GHSA-x6cv-xr7v-j9fw: Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors re
ghsa_unreviewed·2022-05-13
CVE-2014-6549 [HIGH] GHSA-x6cv-xr7v-j9fw: Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors re
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0080.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttp://www.securityfocus.com/bid/72137http://www.securitytracker.com/id/1031580https://security.gentoo.org/glsa/201507-14https://www-304.ibm.com/support/docview.wss?uid=swg21695474http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0080.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttp://www.securityfocus.com/bid/72137http://www.securitytracker.com/id/1031580https://security.gentoo.org/glsa/201507-14https://www-304.ibm.com/support/docview.wss?uid=swg21695474
2015-01-21
Published