Summary
The host is installed with Oracle Java SE JRE
and is prone to unspecified vulnerability.
Impact
Successful exploitation will allow attackers
to disclose sensitive information.
Impact Level: Application.
Solution
Apply the patch from below link,
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Insight
The flaw exist due to an error related to C2
optimizations and range checks in the Hotspot subcomponent.
Affected
Oracle Java SE 5.0u71 and prior, 6u81 and
prior, and 7u67 and prior on Windows
Detection
Get the installed version of Oracle Java
SE JRE with the help of detect NVT and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2014-6504 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Mac OS X)
- Apple Safari 'javascript: URI' XSS Vulnerability - Sep09
- Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities (Linux)
- Apple Safari Webcore Webkit 'XSSAuditor.cpp' XSS Vulnerability (Mac OS X)
- Apple Safari WebKit Information Disclosure Vulnerability (Windows)