CVE-2014-6591 — Out-of-bounds Read in Oracle JDK

CWE-125 — Out-of-bounds Read23 documents8 sources

Severity

2.6LOWNVD

OSV10.0OSV3.4

EPSS

2.3%

top 15.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle JDK Oracle JRE

Timeline

PublishedJan 21

Latest updateMay 13

Description

Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.

CVSS vector

AV:N/AC:H/C:P/I:N/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages2 packages

▶NVDoracle/jdk4 versions+3

▶NVDoracle/jre4 versions+3

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-mr97-jqw9-fp77: Unspecified vulnerability in Oracle Java SE 5↗2022-05-13

▶

GHSA

GHSA-7hw8-8c2x-83rg: Unspecified vulnerability in the Java SE component in Oracle Java SE 5↗2022-05-13

▶

OSV

icu vulnerabilities↗2015-03-05

▶

OSV

openjdk-7 vulnerabilities↗2015-01-28

▶

CVEList

CVE-2014-6585: Unspecified vulnerability in Oracle Java SE 5↗2015-01-21

▶

📋Vendor Advisories

Ubuntu

ICU vulnerabilities↗2015-03-10

▶

Ubuntu

ICU regression↗2015-03-06

▶

Ubuntu

ICU vulnerabilities↗2015-03-05

▶

Ubuntu

OpenJDK 7 vulnerabilities↗2015-01-28

▶

Ubuntu

OpenJDK 6 vulnerabilities↗2015-01-27

▶

💬Community

Bugzilla

CVE-2014-6591 CVE-2014-6585 mingw-icu: various flaws [fedora-all]↗2015-01-22

▶

Bugzilla

CVE-2014-6591 CVE-2014-6585 mingw-icu: various flaws [epel-7]↗2015-01-22

▶

Bugzilla

CVE-2014-6591 CVE-2014-6585 icu: various flaws [fedora-all]↗2015-01-22

▶

Bugzilla

CVE-2014-6591 ICU: font parsing OOB read (OpenJDK 2D, 8056276)↗2015-01-19

▶