JDK: unspecified partial Java sandbox bypass fixed in Feb 2015 update

🗓️ 24 Feb 2015 13:20:03Reported by RedHatType

Unspecified partial Java sandbox bypass fixed in February 2015 update; IBM Java Technology Edition JVM allowed remote bypass via the security manager.

Reporter	Title	Published	Views	Family All 64
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition	15 Jun 201807:02	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Lifecycle Integration Adapter for HP ALM (CVE-2015-0138, CVE-2014-6549, CVE-2015-0408, CVE-2015-0412, CVE-2015-0395, CVE-2015-0403, CVE-2015-0406, CVE-2015-0410, CVE-2015-0407,	17 Jun 201805:01	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK, and IBM Java Runtime Technology Edition affect Rational Functional Tester	29 Sep 201820:06	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Tivoli Storage Productivity Center January 2015 CPU	19 Aug 202223:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities impact DS8000 HMC	24 May 202217:06	–	ibm
IBM Security Bulletins	Security Bulletin: Upward Integration Module for HP Openview Operations for Windows is affected by multiple vulnerabilities in IBM Java SDK	31 Jan 201901:45	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in current releases of IBM® WebSphere Real Time	15 Jun 201807:02	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities, including Freak and Bar Mitzvah, in IBM Java SDK affect IBM i.	18 Dec 201914:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Flex System Manager (FSM)	31 Jan 201902:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Application Server January 2015 CPU	15 Jun 201807:02	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	6	s390x	java-1.6.0-ibm	1:1.6.0.16.3-1jpp.1.el6	java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6.s390x.rpm
Red Hat Enterprise Linux	6	x86_64	java-1.6.0-ibm	1:1.6.0.16.3-1jpp.1.el6	java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6.x86_64.rpm
Red Hat Enterprise Linux	6	s390x	java-1.6.0-ibm-devel	1:1.6.0.16.3-1jpp.1.el6	java-1.6.0-ibm-devel-1:1.6.0.16.3-1jpp.1.el6.s390x.rpm
Red Hat Enterprise Linux	6	x86_64	java-1.6.0-ibm-devel	1:1.6.0.16.3-1jpp.1.el6	java-1.6.0-ibm-devel-1:1.6.0.16.3-1jpp.1.el6.x86_64.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2014-8892
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2014-8892
cve	www.cve.org/CVERecord

28 Jun 2026 12:24Current

5.9Medium risk

Vulners AI Score5.9

CVSS 27.8

EPSS0.04453