CVE-2014-6587: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors…

CVE-2014-6587 [MEDIUM] GHSA-6v6g-fc35-c9jw: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

CVE-2014-3566 [LOW] openjdk-7 vulnerabilities openjdk-7 vulnerabilities Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395, CVE-2015-0408, CVE-2015-0412) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400, CVE-2015-0407) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6593) A vulnerability was discovere

CVE-2014-6587 [MEDIUM] CVE-2014-6587: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

CVE-2014-3566 [LOW] OpenJDK 7 vulnerabilities Title: OpenJDK 7 vulnerabilities Summary: Several security issues were fixed in OpenJDK 7. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395, CVE-2015-0408, CVE-2015-0412) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400, CVE-2015-0407) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and integrity. An attacker could exploit this to expose sensitive dat

CVE-2014-3566 [LOW] OpenJDK 6 vulnerabilities Title: OpenJDK 6 vulnerabilities Summary: Several security issues were fixed in OpenJDK 6. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395, CVE-2015-0408, CVE-2015-0412) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400, CVE-2015-0407) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and integrity. An attacker could exploit this to expose sensitive dat

CVE-2014-6587 [MEDIUM] CWE-476 OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264) OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264) Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. A NULL pointer dereference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. Package: java-1.8.0-openjdk (Red Hat Enterprise Linux 7) - Not affected Package: java-1.8.0-oracle (Red Hat Enterprise Linux 7) - Not affected

CVE-2014-6587 [MEDIUM] CVE-2014-6587: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local us... Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. Scope: local sid: resolved (fixed in 8u40~b22-1)

CVE-2014-6587 [MEDIUM] CVE-2014-6587 OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264) CVE-2014-6587 OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264) A NULL pointer deference flaw was found in the MulticastSocket implementation in the Libraries component of OpenJDK. A NULL network interface name could trigger a NULL pointer dereference in the OpenJDK native networking code. An untrusted Java application or applet could possibly use this flaw to bypass certain Java sandbox restrictions. Discussion: Public now via Oracle Critical Patch Update - January 2015. Fixed in Oracle Java SE 6u91, 7u75, and 8u31. External References: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA --- This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2015:0068 https://rhn.redhat.com/errata/RH