Code Execution Vulnerability in IBM Java Virtual Machine Used in IBM WebSphere
CVE-2014-3086

Currently unrated

Key Information:

Vendor: IBM
Status: Lotus Notes
Vendor: CVE Published:; 12 August 2014

Summary

An unspecified vulnerability exists in the IBM Java Virtual Machine which is embedded within IBM WebSphere Real Time prior to Service Refresh 7 FP1. This vulnerability enables remote attackers to execute arbitrary code with the privileges of a security manager. By exploiting this issue, an attacker can potentially gain greater access to the system, making it critical for organizations to secure their WebSphere deployments and apply recommended updates to mitigate the risk.

References

http://www-01.ibm.com/support/docview.wss?uid=swg21680333

x_refsource_CONFIRM

http://www.securityfocus.com/bid/69183

vdb-entryx_refsource_BID

http://secunia.com/advisories/61577

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Aug 12, 2014
Vulnerability Reserved
Apr 29, 2014