Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-3065
HistoryDec 02, 2014 - 1:59 a.m.

CVE-2014-3065

2014-12-0201:59:01
CWE-94
[email protected]
web.nvd.nist.gov
31
2
ibm
java
runtime environment
jre
vulnerability
arbitrary code execution
nvd
cve-2014-3065

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

4.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%

JSON

Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache.

Affected configurations

NVD
Node
ibmjavaMatch5.0.0.0
OR
ibmjavaMatch5.0.11.0
OR
ibmjavaMatch5.0.11.1
OR
ibmjavaMatch5.0.11.2
OR
ibmjavaMatch5.0.12.0
OR
ibmjavaMatch5.0.12.1
OR
ibmjavaMatch5.0.12.2
OR
ibmjavaMatch5.0.12.3
OR
ibmjavaMatch5.0.12.4
OR
ibmjavaMatch5.0.12.5
OR
ibmjavaMatch5.0.13.0
OR
ibmjavaMatch5.0.14.0
OR
ibmjavaMatch5.0.15.0
OR
ibmjavaMatch5.0.16.0
OR
ibmjavaMatch5.0.16.1
OR
ibmjavaMatch5.0.16.2
OR
ibmjavaMatch5.0.16.3
OR
ibmjavaMatch6.0.0.0
OR
ibmjavaMatch6.0.1.0
OR
ibmjavaMatch6.0.2.0
OR
ibmjavaMatch6.0.3.0
OR
ibmjavaMatch6.0.4.0
OR
ibmjavaMatch6.0.5.0
OR
ibmjavaMatch6.0.6.0
OR
ibmjavaMatch6.0.7.0
OR
ibmjavaMatch6.0.8.0
OR
ibmjavaMatch6.0.8.1
OR
ibmjavaMatch6.0.9.0
OR
ibmjavaMatch6.0.9.1
OR
ibmjavaMatch6.0.9.2
OR
ibmjavaMatch6.0.10.0
OR
ibmjavaMatch6.0.10.1
OR
ibmjavaMatch6.0.11.0
OR
ibmjavaMatch6.0.12.0
OR
ibmjavaMatch6.0.13.0
OR
ibmjavaMatch6.0.13.1
OR
ibmjavaMatch6.0.13.2
OR
ibmjavaMatch6.0.14.0
OR
ibmjavaMatch7.0.0.0
OR
ibmjavaMatch7.0.1.0
OR
ibmjavaMatch7.0.2.0
OR
ibmjavaMatch7.0.3.0
OR
ibmjavaMatch7.0.4.0
OR
ibmjavaMatch7.0.4.1
OR
ibmjavaMatch7.0.4.2
OR
ibmjavaMatch7.0.5.0

References

Social References

More

Related

cvelist 1
veracode 1
nvd 1
prion 1
ibm 22
nessus 10
redhat 6
openvas 11
suse 7
aix 1
cvelist
cvelist
CVE-2014-3065
2014-12-02 01:00:00
veracode
veracode
Arbitrary Code Execution
2019-01-15 09:03:04
nvd
nvd
CVE-2014-3065
2014-12-02 01:59:01
prion
prion
Design/Logic Flaw
2014-12-02 01:59:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Data Studio Web Console. (CVE-2014-6457, CVE-2014-3065)
2018-06-16 13:08:09
Security Bulletin: IBM QRadar SIEM and IBM QRadar Risk Manager can be affected by Multiple Vulnerabilities in the IBM Java Runtime Environment (CVE-2014-3065, CVE-2014-6512)
2022-02-23 17:02:11
Security Bulletin: Tivoli Netcool Service Quality Manager is affected by the vulnerabilities in the IBM JRE and Tivoli Directory Server
2018-06-17 14:54:35
nessus
nessus
RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:1881) (POODLE)
2014-11-21 00:00:00
RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:1877) (POODLE)
2014-11-20 00:00:00
SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2014:1541-1) (POODLE)
2019-01-02 00:00:00
redhat
redhat
(RHSA-2014:1881) Important: java-1.5.0-ibm security update
2014-11-20 00:00:00
(RHSA-2014:1877) Critical: java-1.6.0-ibm security update
2014-11-19 00:00:00
(RHSA-2014:1882) Critical: java-1.7.0-ibm security update
2014-11-20 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:0376-1)
2021-06-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1549-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:1526-1)
2021-06-09 00:00:00
suse
suse
Security update for java-1_5_0-ibm (important)
2015-02-25 19:05:32
Security update for java-1_6_0-ibm (important)
2015-02-21 01:07:10
Security update for java-1_7_1-ibm (important)
2014-12-03 17:04:45
aix
aix
Multiple vulnerabilities in current releases of the IBM SDK Java Technology Edition; issues in the Oracle October 2014 Critical Patch Update plus the POODLE SSLv3 vulnerability and
2014-11-14 15:40:48

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

4.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.3%

JSON
Related for CVE-2014-3065
cvelist1veracode1nvd1prion1ibm22nessus10redhat6openvas11suse7aix1