CVE-2014-8892

5 documents5 sources

Severity

7.8HIGH

EPSS

1.6%

top 18.39%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Java SDK

Timeline

PublishedMar 6

Latest updateMay 14

Description

Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to bypass intended access permissions and obtain sensitive information via unspecified vectors related to the security manager.

CVSS vector

AV:N/AC:L/C:C/I:N/A:NExploitability: 10.0 | Impact: 6.9

Affected Packages1 packages

▶NVDibm/java_sdk6.0.0.0 — 6.0.16.3+4

🔴Vulnerability Details

GHSA

GHSA-qjg4-m6c6-gq85: Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5↗2022-05-14

▶

CVEList

CVE-2014-8892: Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5↗2015-03-06

▶

📋Vendor Advisories

Red Hat

JDK: unspecified partial Java sandbox bypass fixed in Feb 2015 update↗2015-02-04

▶

💬Community

Bugzilla

CVE-2014-8892 IBM JDK: unspecified partial Java sandbox bypass fixed in Feb 2015 update↗2015-02-04

▶