CVE-2014-8891

Currently unrated

Key Information:

Vendor: IBM
Status: Java Sdk
Vendor: CVE Published:; 6 March 2015

Summary

Unspecified vulnerability in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 5.0 before SR16-FP9, 6 before SR16-FP3, 6R1 before SR8-FP3, 7 before SR8-FP10, and 7R1 before SR2-FP10 allows remote attackers to escape the Java sandbox and execute arbitrary code via unspecified vectors related to the security manager.

References

http://www.ibm.com/developerworks/java/jdk/alerts/#IBM_Se...

x_refsource_CONFIRM

http://rhn.redhat.com/errata/RHSA-2015-0136.html

vendor-advisoryx_refsource_REDHAT

http://lists.opensuse.org/opensuse-security-announce/2015...

vendor-advisoryx_refsource_SUSE

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Mar 6, 2015
Vulnerability Reserved
Nov 14, 2014