CVE-2014-6587 — MEDIUM (4.3)

Vulnerability Description

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

CVSS Score

4.3

MEDIUM

AV:L/AC:L/Au:S/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Oracle	Jdk	1.6.0
Oracle	Jre	1.6.0

References

http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html
http://marc.info/?l=bugtraq&m=142496355704097&w=2
http://marc.info/?l=bugtraq&m=142607790919348&w=2
http://rhn.redhat.com/errata/RHSA-2015-0068.html
http://rhn.redhat.com/errata/RHSA-2015-0079.html
http://rhn.redhat.com/errata/RHSA-2015-0080.html
http://rhn.redhat.com/errata/RHSA-2015-0085.html
http://rhn.redhat.com/errata/RHSA-2015-0086.html
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://www.debian.org/security/2015/dsa-3144
http://www.debian.org/security/2015/dsa-3147
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlPatchVendor Advisory

FAQ

What is CVE-2014-6587?

CVE-2014-6587 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

How severe is CVE-2014-6587?

CVE-2014-6587 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-6587?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Jdk, Oracle Jre.