Vulnerability-Lookup

CVE-2014-3065 (GCVE-0-2014-3065)

Vulnerability from cvelistv5 – Published: 2014-12-02 01:00 – Updated: 2024-08-06 10:35

Summary

Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache.

Severity ?

No CVSS data available.

CWE

Assigner

ibm

References

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2014-1880.html	vendor-advisoryx_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2014-1877.html	vendor-advisoryx_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://rhn.redhat.com/errata/RHSA-2014-1881.html	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2014-1876.html	vendor-advisoryx_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2015-0264.html	vendor-advisoryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1162554	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2014-1882.html	vendor-advisoryx_refsource_REDHAT
	http://www.securityfocus.com/bid/71147	vdb-entryx_refsource_BID
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:35:55.374Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2014:1880",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
          },
          {
            "name": "RHSA-2014:1877",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
          },
          {
            "name": "IV66045",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
          },
          {
            "name": "IV66044",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
          },
          {
            "name": "RHSA-2014:1881",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
          },
          {
            "name": "SUSE-SU-2014:1549",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
          },
          {
            "name": "SUSE-SU-2015:0376",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
          },
          {
            "name": "RHSA-2014:1876",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
          },
          {
            "name": "RHSA-2015:0264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
          },
          {
            "name": "SUSE-SU-2015:0392",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
          },
          {
            "name": "SUSE-SU-2014:1526",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
          },
          {
            "name": "SUSE-SU-2015:0345",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
          },
          {
            "name": "RHSA-2014:1882",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
          },
          {
            "name": "71147",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/71147"
          },
          {
            "name": "SUSE-SU-2015:0344",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-10-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2015-03-16T16:57:00.000Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "RHSA-2014:1880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
        },
        {
          "name": "RHSA-2014:1877",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
        },
        {
          "name": "IV66045",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
        },
        {
          "name": "IV66044",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
        },
        {
          "name": "RHSA-2014:1881",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
        },
        {
          "name": "SUSE-SU-2014:1549",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
        },
        {
          "name": "SUSE-SU-2015:0376",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
        },
        {
          "name": "RHSA-2014:1876",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
        },
        {
          "name": "RHSA-2015:0264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
        },
        {
          "name": "SUSE-SU-2015:0392",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
        },
        {
          "name": "SUSE-SU-2014:1526",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
        },
        {
          "name": "SUSE-SU-2015:0345",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
        },
        {
          "name": "RHSA-2014:1882",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
        },
        {
          "name": "71147",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/71147"
        },
        {
          "name": "SUSE-SU-2015:0344",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-3065",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2014:1880",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
            },
            {
              "name": "RHSA-2014:1877",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
            },
            {
              "name": "IV66045",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
            },
            {
              "name": "IV66044",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
            },
            {
              "name": "RHSA-2014:1881",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
            },
            {
              "name": "SUSE-SU-2014:1549",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
            },
            {
              "name": "SUSE-SU-2015:0376",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
            },
            {
              "name": "RHSA-2014:1876",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
            },
            {
              "name": "RHSA-2015:0264",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
            },
            {
              "name": "SUSE-SU-2015:0392",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
            },
            {
              "name": "SUSE-SU-2014:1526",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
            },
            {
              "name": "SUSE-SU-2015:0345",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
            },
            {
              "name": "RHSA-2014:1882",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
            },
            {
              "name": "71147",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/71147"
            },
            {
              "name": "SUSE-SU-2015:0344",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2014-3065",
    "datePublished": "2014-12-02T01:00:00.000Z",
    "dateReserved": "2014-04-29T00:00:00.000Z",
    "dateUpdated": "2024-08-06T10:35:55.374Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GSD-2014-3065

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-3065

Aliases

CVE-2014-3065

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-3065",
    "description": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache.",
    "id": "GSD-2014-3065",
    "references": [
      "https://www.suse.com/security/cve/CVE-2014-3065.html",
      "https://access.redhat.com/errata/RHSA-2015:0264",
      "https://access.redhat.com/errata/RHSA-2014:1882",
      "https://access.redhat.com/errata/RHSA-2014:1881",
      "https://access.redhat.com/errata/RHSA-2014:1880",
      "https://access.redhat.com/errata/RHSA-2014:1877",
      "https://access.redhat.com/errata/RHSA-2014:1876"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-3065"
      ],
      "details": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache.",
      "id": "GSD-2014-3065",
      "modified": "2023-12-13T01:22:53.260684Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@us.ibm.com",
        "ID": "CVE-2014-3065",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2014:1880",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
          },
          {
            "name": "RHSA-2014:1877",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
          },
          {
            "name": "IV66045",
            "refsource": "AIXAPAR",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
          },
          {
            "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
            "refsource": "CONFIRM",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
          },
          {
            "name": "IV66044",
            "refsource": "AIXAPAR",
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
          },
          {
            "name": "RHSA-2014:1881",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
          },
          {
            "name": "SUSE-SU-2014:1549",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
          },
          {
            "name": "SUSE-SU-2015:0376",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
          },
          {
            "name": "RHSA-2014:1876",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
          },
          {
            "name": "RHSA-2015:0264",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
          },
          {
            "name": "SUSE-SU-2015:0392",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
          },
          {
            "name": "SUSE-SU-2014:1526",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
          },
          {
            "name": "SUSE-SU-2015:0345",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
          },
          {
            "name": "RHSA-2014:1882",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
          },
          {
            "name": "71147",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/71147"
          },
          {
            "name": "SUSE-SU-2015:0344",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:7.0.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.16.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.14.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2014-3065"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-94"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "71147",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/71147"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
            },
            {
              "name": "IV66044",
              "refsource": "AIXAPAR",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
            },
            {
              "name": "IV66045",
              "refsource": "AIXAPAR",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
            },
            {
              "name": "RHSA-2014:1882",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
            },
            {
              "name": "RHSA-2014:1877",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
            },
            {
              "name": "RHSA-2014:1876",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
            },
            {
              "name": "RHSA-2014:1881",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
            },
            {
              "name": "RHSA-2014:1880",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
            },
            {
              "name": "SUSE-SU-2014:1549",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
            },
            {
              "name": "SUSE-SU-2014:1526",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
            },
            {
              "name": "SUSE-SU-2015:0344",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
            },
            {
              "name": "SUSE-SU-2015:0392",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
            },
            {
              "name": "SUSE-SU-2015:0345",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
            },
            {
              "name": "SUSE-SU-2015:0376",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
            },
            {
              "name": "RHSA-2015:0264",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 6.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 10.0,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2015-03-18T02:00Z",
      "publishedDate": "2014-12-02T01:59Z"
    }
  }
}

GHSA-7F48-7WHF-6C52

Vulnerability from github – Published: 2022-05-17 04:14 – Updated: 2022-05-17 04:14

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-3065"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-94"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-12-02T01:59:00Z",
    "severity": "MODERATE"
  },
  "details": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache.",
  "id": "GHSA-7f48-7whf-6c52",
  "modified": "2022-05-17T04:14:52Z",
  "published": "2022-05-17T04:14:52Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3065"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
    },
    {
      "type": "WEB",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/71147"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2014-3065

Vulnerability from fkie_nvd - Published: 2014-12-02 01:59 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

URL	Tags
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
psirt@us.ibm.com	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2014-1876.html
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2014-1877.html
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2014-1880.html
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2014-1881.html
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2014-1882.html
psirt@us.ibm.com	http://rhn.redhat.com/errata/RHSA-2015-0264.html
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045	Vendor Advisory
psirt@us.ibm.com	http://www-01.ibm.com/support/docview.wss?uid=swg21688283	Vendor Advisory
psirt@us.ibm.com	http://www.securityfocus.com/bid/71147
psirt@us.ibm.com	https://bugzilla.redhat.com/show_bug.cgi?id=1162554
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1876.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1877.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1880.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1881.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2014-1882.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2015-0264.html
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21688283	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/71147
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=1162554

Impacted products

Vendor	Product	Version
ibm	java	5.0.0.0
ibm	java	5.0.11.0
ibm	java	5.0.11.1
ibm	java	5.0.11.2
ibm	java	5.0.12.0
ibm	java	5.0.12.1
ibm	java	5.0.12.2
ibm	java	5.0.12.3
ibm	java	5.0.12.4
ibm	java	5.0.12.5
ibm	java	5.0.13.0
ibm	java	5.0.14.0
ibm	java	5.0.15.0
ibm	java	5.0.16.0
ibm	java	5.0.16.1
ibm	java	5.0.16.2
ibm	java	5.0.16.3
ibm	java	6.0.0.0
ibm	java	6.0.1.0
ibm	java	6.0.2.0
ibm	java	6.0.3.0
ibm	java	6.0.4.0
ibm	java	6.0.5.0
ibm	java	6.0.6.0
ibm	java	6.0.7.0
ibm	java	6.0.8.0
ibm	java	6.0.8.1
ibm	java	6.0.9.0
ibm	java	6.0.9.1
ibm	java	6.0.9.2
ibm	java	6.0.10.0
ibm	java	6.0.10.1
ibm	java	6.0.11.0
ibm	java	6.0.12.0
ibm	java	6.0.13.0
ibm	java	6.0.13.1
ibm	java	6.0.13.2
ibm	java	6.0.14.0
ibm	java	7.0.0.0
ibm	java	7.0.1.0
ibm	java	7.0.2.0
ibm	java	7.0.3.0
ibm	java	7.0.4.0
ibm	java	7.0.4.1
ibm	java	7.0.4.2
ibm	java	7.0.5.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "03D3F84F-3F6E-4DF1-B162-152293D951EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A18121C3-F3F1-4EC7-A64E-3F6A0C9788C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.11.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BAD59912-7325-4AE1-ACCF-D4F804AF3947",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.11.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "62783157-E3B6-4A23-8D2F-1FBD0762E9A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14CC0D53-8AB8-4D44-82BB-0E6A974C36AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91A3129F-17A6-4F32-BD5D-34E4A1D1A840",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2845FF4-2620-4B8D-96CF-CC26B3DEA3C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC7CD279-54B6-4F6B-AE14-299FB319C690",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0EA269CA-4676-4008-89EF-20FAB89886A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D22105B6-1378-4E1C-B28A-FCAE00A2D5CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "601762D3-1188-4945-931D-EB8DAC2847A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA4A30A6-498C-46B8-8EFC-45EB13354EAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.15.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "414CC00A-C797-4C34-8709-75DC061DCDE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.16.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4401B967-0550-44F1-8753-9632120D2A44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4961693D-F56C-46CD-B721-6A15E2837C17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA4FBB66-CF6A-42D2-B122-1861F4139E75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:5.0.16.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E4B1DD6-3056-4FA8-8203-CCD8036FBD4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14AD4A87-382A-41F0-96D8-0F0A9B738773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33701DDF-6882-41D3-A11B-A1F4585A77A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "25C58BBA-06AC-40CD-A906-FD1B3B0AAB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "76C5B430-EE11-4674-B4B0-895D66E3B32F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1837D84-6B4F-40D8-9A3F-71C328F659BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D20A369B-2168-4883-A84C-BB48A71AFB33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3628AAB4-E524-46E5-AAF4-1980256F13CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "30DC9FE3-CDE9-4F83-989B-4E431BA18B56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C17B1C6B-04CE-49FB-B9BD-98ECD626B26F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F529EB-2BCA-4E3E-93E4-2A9880CDA367",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DEAC3D6-F9F8-4F82-9BF1-FF0EC07A3274",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7694638C-CDAC-44DF-B9F9-F7237CD98017",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "23903A3C-1760-4836-BAE6-BDD32CBB4CBD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2477E033-D26B-4D71-839B-5FE4B0927559",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.10.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1CAB7BF-265E-411D-A584-E78DE171F065",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E45F670-232F-4CE5-8926-6463E5619506",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.12.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B70E6E3-15B3-4D48-AE49-B9184A58EECE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.13.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D5BCE3FD-B89B-4141-8103-9DB941AD60D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "8EADFB3B-738F-4919-B165-9ECEED46EA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B23A5431-E599-4848-AB83-B299898F5EF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:6.0.14.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FAE5E9B-3CF5-40E5-A551-1AFD6BD07A2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A8BF650-B8F5-467E-8DBF-81788B55F345",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1752A831-916F-4A7D-8AAE-1CEFACC51F91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C9744C4-76BE-428B-AFF2-5BCE00A58322",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "48B1DE45-90F9-416B-9087-8AEF5B0A3C46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EF6A045-0DF6-463B-A0DB-6C31D8C2984C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A731493C-9B46-4105-9902-B15BA0E0FB11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "49454369-A494-4EAA-88D5-181570DEBB4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:java:7.0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C76B9DFD-7259-423A-8CFC-A898E74897AE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en IBM Java Runtime Environment (JRE) 7 R1 anterior a SR2 (7.1.2.0), 7 anterior a SR8 (7.0.8.0), 6 R1 anterior a SR8 FP2 (6.1.8.2), 6 anterior a SR16 FP2 (6.0.16.2), y anterior a SR16 FP8 (5.0.16.8) permite a usuarios locales ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores relacionados con el cach\u00e9 de clases compartidas."
    }
  ],
  "id": "CVE-2014-3065",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-12-02T01:59:01.467",
  "references": [
    {
      "source": "psirt@us.ibm.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
    },
    {
      "source": "psirt@us.ibm.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "http://www.securityfocus.com/bid/71147"
    },
    {
      "source": "psirt@us.ibm.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/71147"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1162554"
    }
  ],
  "sourceIdentifier": "psirt@us.ibm.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2014-AVI-525

Vulnerability from certfr_avis - Published: 2014-12-11 - Updated: 2014-12-11

De multiples vulnérabilités ont été corrigées dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à la confidentialité des données.

Contournement provisoire

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
IBM	N/A	IBM Rational ClearQuest 8.x
IBM	N/A	IBM Rational ClearCase 8.x
IBM	WebSphere	IBM WebSphere Message Broker 7.x
IBM	N/A	IBM Rational RequisitePro 7.x
IBM	N/A	IBM Rational ClearCase 7.x
IBM	N/A	IBM Integration Bus 9.x
IBM	N/A	IBM Cognos Business Intelligence 10.x
IBM	WebSphere	IBM WebSphere Portal 8.x
IBM	WebSphere	IBM WebSphere Message Broker 8.x
IBM	N/A	IBM Rational ClearQuest 7.x

References

Title

Publication Time

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-3065 (GCVE-0-2014-3065)

GSD-2014-3065

GHSA-7F48-7WHF-6C52

FKIE_CVE-2014-3065

CERTFR-2014-AVI-525

Contournement provisoire

Tags

Sightings

Nomenclature