CVE-2014-8891

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-8891
Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to escape the Java sandbox and execute arbitrary code via unspecified vectors related to the security manager.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00021.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00022.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00025.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0136.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0264.html Third Party Advisory
http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Security_Update_February_2015 Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1189142 Issue Tracking Third Party Advisory
https://www-304.ibm.com/support/docview.wss?uid=swg21695474 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*
cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*
cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*
cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*
cpe:2.3:a:ibm:java_sdk:*:*:*:*:technology:*:*:*
History

No history.

Information

Published : 2015-03-06 23:59

Updated : 2024-02-28 12:20

NVD link : CVE-2014-8891

Mitre link : CVE-2014-8891

CVE.ORG link : CVE-2014-8891

JSON object : View

Products Affected

ibm

  • java_sdk
CWE
NVD-CWE-noinfo