ID CVE-2014-8891
Summary Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to escape the Java sandbox and execute arbitrary code via unspecified vectors related to the security manager.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:java_sdk:5.0.0.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.0.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.11.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.11.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.11.1:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.11.1:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.11.2:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.11.2:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.12.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.12.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.12.1:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.12.1:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.12.2:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.12.2:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.12.3:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.12.3:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.12.4:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.12.4:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.12.5:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.12.5:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.13.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.13.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.14.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.14.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.15.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.15.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.16.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.16.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.16.1:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.16.1:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.16.2:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.16.2:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.16.3:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.16.3:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.16.4:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.16.4:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.16.5:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.16.5:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.16.6:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.16.6:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:5.0.16.8:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:5.0.16.8:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.0.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.0.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.1.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.1.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.2.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.2.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.3.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.3.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.4.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.4.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.5.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.5.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.6.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.6.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.7.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.7.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.8.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.8.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.8.1:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.8.1:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.9.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.9.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.9.1:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.9.1:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.9.2:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.9.2:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.10.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.10.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.10.1:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.10.1:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.11.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.11.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.12.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.12.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.13.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.13.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.13.1:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.13.1:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.13.2:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.13.2:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.14.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.14.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.15.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.15.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.15.1:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.15.1:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.15.21:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.15.21:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.0.16.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.0.16.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.1.0.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.1.0.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:6.1.8.2:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:6.1.8.2:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.0.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.0.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.1.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.1.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.2.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.2.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.3.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.3.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.4.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.4.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.4.1:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.4.1:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.4.2:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.4.2:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.5.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.5.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.6.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.6.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.6.1:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.6.1:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.0.7.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.0.7.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.1.0.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.1.0.0:*:*:*:technology:*:*:*
  • cpe:2.3:a:ibm:java_sdk:7.1.1.0:*:*:*:technology:*:*:*
    cpe:2.3:a:ibm:java_sdk:7.1.1.0:*:*:*:technology:*:*:*
CVSS
Base: 10.0 (as of 16-07-2019 - 12:23)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
redhat via4
advisories
  • rhsa
    id RHSA-2015:0136
  • rhsa
    id RHSA-2015:0264
refmap via4
confirm
suse
  • SUSE-SU-2015:0304
  • SUSE-SU-2015:0306
  • SUSE-SU-2015:0343
  • SUSE-SU-2015:0344
  • SUSE-SU-2015:0345
  • SUSE-SU-2015:0376
  • SUSE-SU-2015:0392
  • SUSE-SU-2015:1073
Last major update 16-07-2019 - 12:23
Published 06-03-2015 - 23:59
Back to Top