Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2014-6504

Published: 15/10/2014 Updated: 13/05/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Subscribe to Jdk

Vulnerability Summary

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote malicious users to affect confidentiality via unknown vectors related to Hotspot.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle jdk 1.5.0

oracle jre 1.5.0

oracle jre 1.7.0

oracle jre 1.6.0

oracle jdk 1.7.0

oracle jdk 1.6.0

Vendor Advisories

Ubuntu Security Notice: openjdk-6 vulnerabilities
Several security issues were fixed in OpenJDK 6 ...
Ubuntu Security Notice: openjdk-7 vulnerabilities
Several security issues were fixed in OpenJDK 7 ...
Ubuntu Security Notice: openjdk-7 vulnerabilities
Several security issues were fixed in OpenJDK 7 ...
Debian Security Advisories: DSA-3080-1 openjdk-7 -- security update
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service For the stable distribution (wheezy), these problems have been fixed in version 7u71-253-2~deb7u1 For the upcoming stable distribution (jessie), these p ...
Debian Security Advisories: DSA-3077-1 openjdk-6 -- security update
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, information disclosure or denial of service For the stable distribution (wheezy), these problems have been fixed in version 6b33-1135-2~deb7u1 We recommend that you upgrade your openjdk-6 packages ...
Red Hat: CVE-2014-6504
Unspecified vulnerability in Oracle Java SE 50u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot ...
Amazon Linux AMI: ALAS-2014-430
Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was discovered that the StAX XML parser in the JAXP component ...
Amazon Linux AMI: ALAS-2014-431
Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in OpenJDK An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions (CVE-2014-6506, CVE-2014-6531, CVE-2014-6502, CVE-2014-6511, CVE-2014-6504, CVE-2014-6519) It was discovered that the StAX XML parser in the JAXP component ...
Amazon Linux AMI: ALAS-2014-432
It was discovered that the Libraries component in OpenJDK failed to properly handle ZIP archives that contain entries with a NUL byte used in the file names An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions (CVE-2014-6562) Multiple flaws were discovered in the Libraries, 2D, and Hotspot components in ...

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.htmlhttp://secunia.com/advisories/60416http://secunia.com/advisories/60417http://rhn.redhat.com/errata/RHSA-2014-1658.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1636.htmlhttp://secunia.com/advisories/60414http://rhn.redhat.com/errata/RHSA-2014-1634.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1633.htmlhttp://www.ubuntu.com/usn/USN-2386-1http://rhn.redhat.com/errata/RHSA-2014-1620.htmlhttp://rhn.redhat.com/errata/RHSA-2014-1657.htmlhttp://www.securityfocus.com/bid/70564http://secunia.com/advisories/61143http://secunia.com/advisories/61629http://linux.oracle.com/errata/ELSA-2014-1634.htmlhttp://linux.oracle.com/errata/ELSA-2014-1633.htmlhttp://secunia.com/advisories/61020http://secunia.com/advisories/61018http://linux.oracle.com/errata/ELSA-2014-1636http://secunia.com/advisories/61164http://secunia.com/advisories/61346http://secunia.com/advisories/61609http://secunia.com/advisories/61163http://secunia.com/advisories/61928http://www.ubuntu.com/usn/USN-2388-1http://www.ubuntu.com/usn/USN-2388-2http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.htmlhttp://www.debian.org/security/2014/dsa-3077http://www.debian.org/security/2014/dsa-3080http://marc.info/?l=bugtraq&m=141775382904016&w=2http://security.gentoo.org/glsa/glsa-201502-12.xmlhttps://nvd.nist.govhttps://usn.ubuntu.com/2386-1/https://access.redhat.com/security/cve/cve-2014-6504
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcodedarbitrary codeCVE-2024-2404CVE-2024-21111CVE-2024-28627CVE-2024-4073information disclosureCVE-2024-32780CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook