Home > Vulnerability Database > CVE-2014-3065

Mend.io Vulnerability Database

CVE-2014-3065

Date: December 1, 2014

Unspecified vulnerability in IBM Java Runtime Environment (JRE) 7 R1 before SR2 (7.1.2.0), 7 before SR8 (7.0.8.0), 6 R1 before SR8 FP2 (6.1.8.2), 6 before SR16 FP2 (6.0.16.2), and before SR16 FP8 (5.0.16.8) allows local users to execute arbitrary code via vectors related to the shared classes cache.

Severity Score

7.4

Related Resources (20)

Url: http://www.securityfocus.com/bid/71147

Url: http://www-01.ibm.com/support/docview.wss?uid=swg21688283

Url: http://rhn.redhat.com/errata/RHSA-2014-1882.html

Url: https://nvd.nist.gov/vuln/detail/CVE-2014-3065

Url: http://rhn.redhat.com/errata/RHSA-2014-1880.html

Url: http://rhn.redhat.com/errata/RHSA-2015-0264.html

Url: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html

Url: http://rhn.redhat.com/errata/RHSA-2014-1877.html

Url: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html

Url: http://rhn.redhat.com/errata/RHSA-2014-1881.html

Url: http://www-01.ibm.com/support/docview.wss?uid=swg1IV66045

Url: http://www-01.ibm.com/support/docview.wss?uid=swg1IV66044

Url: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html

Url: http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html

Url: https://access.redhat.com/security/cve/CVE-2014-3065

Url: http://rhn.redhat.com/errata/RHSA-2014-1876.html

Url: https://bugzilla.redhat.com/show_bug.cgi?id=1162554

Url: http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html

Url: http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html

Url: https://www.mend.io/vulnerability-database/CVE-2014-3065

Severity Score

7.4

Weakness Type (CWE)

Improper Control of Generation of Code ('Code Injection')

CWE-94

CVSS v3.1

Base Score:	7.4
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	6.9
Access Vector (AV):	LOCAL
Access Complexity (AC):	MEDIUM
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2014-3065

Date: December 1, 2014

Severity Score

Related Resources (20)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?