Search for vulnerabilities
Vulnerability details: VCID-4tpu-dmys-aaac
Vulnerability ID VCID-4tpu-dmys-aaac
Aliases CVE-2014-6591
Summary Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-125 Out-of-bounds Read
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-6591.html
rhas Critical https://access.redhat.com/errata/RHSA-2015:0067
rhas Important https://access.redhat.com/errata/RHSA-2015:0068
rhas Important https://access.redhat.com/errata/RHSA-2015:0069
rhas Critical https://access.redhat.com/errata/RHSA-2015:0079
rhas Critical https://access.redhat.com/errata/RHSA-2015:0080
rhas Important https://access.redhat.com/errata/RHSA-2015:0085
rhas Important https://access.redhat.com/errata/RHSA-2015:0086
rhas Critical https://access.redhat.com/errata/RHSA-2015:0133
rhas Critical https://access.redhat.com/errata/RHSA-2015:0134
rhas Critical https://access.redhat.com/errata/RHSA-2015:0135
rhas Important https://access.redhat.com/errata/RHSA-2015:0136
rhas Low https://access.redhat.com/errata/RHSA-2015:0263
rhas Low https://access.redhat.com/errata/RHSA-2015:0264
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00799 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00845 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00845 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00845 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.00845 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.01237 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0174 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.02252 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.02252 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.02252 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.02252 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.02252 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.02252 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.02252 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.02252 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.02252 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.02252 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
epss 0.0273 https://api.first.org/data/v1/epss?cve=CVE-2014-6591
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1183646
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412
cvssv2 2.6 https://nvd.nist.gov/vuln/detail/CVE-2014-6591
generic_textual Medium https://ubuntu.com/security/notices/USN-2486-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2487-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2522-1
cvssv3.1 6.1 http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
cvssv3.1 5.3 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Reference id Reference type URL
http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html
http://marc.info/?l=bugtraq&m=142496355704097&w=2
http://marc.info/?l=bugtraq&m=142607790919348&w=2
http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-6591.html
http://rhn.redhat.com/errata/RHSA-2015-0068.html
http://rhn.redhat.com/errata/RHSA-2015-0079.html
http://rhn.redhat.com/errata/RHSA-2015-0080.html
http://rhn.redhat.com/errata/RHSA-2015-0085.html
http://rhn.redhat.com/errata/RHSA-2015-0086.html
http://rhn.redhat.com/errata/RHSA-2015-0136.html
http://rhn.redhat.com/errata/RHSA-2015-0264.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6591.json
https://api.first.org/data/v1/epss?cve=CVE-2014-6591
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1569
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2383
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2384
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2419
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7923
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7926
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7940
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9654
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412
https://security.gentoo.org/glsa/201507-14
https://security.gentoo.org/glsa/201603-14
https://ubuntu.com/security/notices/USN-2486-1
https://ubuntu.com/security/notices/USN-2487-1
https://ubuntu.com/security/notices/USN-2522-1
https://www-304.ibm.com/support/docview.wss?uid=swg21695474
http://www.debian.org/security/2015/dsa-3144
http://www.debian.org/security/2015/dsa-3147
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.securityfocus.com/bid/72175
http://www.securitytracker.com/id/1031580
http://www.ubuntu.com/usn/USN-2486-1
http://www.ubuntu.com/usn/USN-2487-1
http://www.vmware.com/security/advisories/VMSA-2015-0003.html
1183646 https://bugzilla.redhat.com/show_bug.cgi?id=1183646
775884 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775884
cpe:2.3:a:oracle:jdk:1.5.0:update75:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update75:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update85:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update85:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.5.0:update75:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.5.0:update75:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update85:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update85:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update72:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update72:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:*
CVE-2014-6591 https://nvd.nist.gov/vuln/detail/CVE-2014-6591
RHSA-2015:0067 https://access.redhat.com/errata/RHSA-2015:0067
RHSA-2015:0068 https://access.redhat.com/errata/RHSA-2015:0068
RHSA-2015:0069 https://access.redhat.com/errata/RHSA-2015:0069
RHSA-2015:0079 https://access.redhat.com/errata/RHSA-2015:0079
RHSA-2015:0080 https://access.redhat.com/errata/RHSA-2015:0080
RHSA-2015:0085 https://access.redhat.com/errata/RHSA-2015:0085
RHSA-2015:0086 https://access.redhat.com/errata/RHSA-2015:0086
RHSA-2015:0133 https://access.redhat.com/errata/RHSA-2015:0133
RHSA-2015:0134 https://access.redhat.com/errata/RHSA-2015:0134
RHSA-2015:0135 https://access.redhat.com/errata/RHSA-2015:0135
RHSA-2015:0136 https://access.redhat.com/errata/RHSA-2015:0136
RHSA-2015:0263 https://access.redhat.com/errata/RHSA-2015:0263
RHSA-2015:0264 https://access.redhat.com/errata/RHSA-2015:0264
USN-2486-1 https://usn.ubuntu.com/2486-1/
USN-2487-1 https://usn.ubuntu.com/2487-1/
USN-2522-1 https://usn.ubuntu.com/2522-1/
USN-2522-3 https://usn.ubuntu.com/2522-3/
No exploits are available.
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2014-6591
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Found at http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.82089
EPSS Score 0.00799
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.