Bug 1152762 (CVE-2014-6466) - CVE-2014-6466 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)
Summary: CVE-2014-6466 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2014-6466
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 1148726
TreeView+ depends on / blocked
 
Reported: 2014-10-14 21:36 UTC by Tomas Hoger
Modified: 2021-02-17 06:06 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-10-14 21:40:54 UTC
Embargoed:


Attachments (Terms of Use)

Description Tomas Hoger 2014-10-14 21:36:22 UTC
Oracle Java SE 6u85, 7u71 and 8u25 fixes an unspecified vulnerability in the Deployment component (CVE-2014-6466).  Upstream has CVSSv2 scored this issue as: 6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C

External Reference:

http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA

Comment 1 Tomas Hoger 2014-10-14 21:40:54 UTC
Oracle CPU has the following note for this issue:

  Applies to client deployment of Java on Internet Explorer only.

Hence this is not applicable to Oracle JDK on Linux.


Note You need to log in before you can comment on or make changes to this bug.