IBM Java Multiple Vulnerabilities
Last Update Date:
12 Nov 2014 16:56
Release Date:
12 Nov 2014
3249
Views
RISK: Medium Risk
TYPE: Clients - Productivity Products
Multiple vulnerabilities have been identified in IBM Java, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a user's system.
A security issue has been identified in IBM Java SSL Version 3.0, which can be exploited by malicious people to disclose potentially sensitive information
Impact
- Denial of Service
- Elevation of Privilege
- Information Disclosure
- Data Manipulation
System / Technologies affected
- IBM Java 5.x
- IBM Java 6.x
- IBM Java 7.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 5.0 SR16-FP8, 6 SR16-FP2, 6R1 SR8-FP2, 7 SR8, or 7R1 SR2.
http://www.ibm.com/developerworks/java/jdk/alerts/
Vulnerability Identifier
- CVE-2014-3065
- CVE-2014-4288
- CVE-2014-6456
- CVE-2014-6457
- CVE-2014-6458
- CVE-2014-6466
- CVE-2014-6476
- CVE-2014-6492
- CVE-2014-6493
- CVE-2014-6502
- CVE-2014-6503
- CVE-2014-6506
- CVE-2014-6511
- CVE-2014-6512
- CVE-2014-6513
- CVE-2014-6515
- CVE-2014-6527
- CVE-2014-6531
- CVE-2014-6532
- CVE-2014-6558
- CVE-2014-3566
Source
Related Link
Share with