Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiYuki Chen of QihooZDI-14-382
HistoryNov 19, 2014 - 12:00 a.m.

Oracle Java jp2launcher.exe Privilege Escalation Vulnerability

2014-11-1900:00:00
Yuki Chen of Qihoo
www.zerodayinitiative.com
232

0.012 Low

EPSS

Percentile

85.1%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of paths within jp2launcher.exe. The issue lies in assumptions made in preparation for the call to java.exe. An attacker can leverage this vulnerability to execute code as the current user with medium integrity.

Related

prion 1
cve 1
ubuntucve 1
cvelist 1
debiancve 1
nvd 1
zdt 1
openvas 13
nessus 8
suse 6
ibm 8
aix 1
f5 2
kaspersky 1
securityvulns 2
gentoo 1
oracle 1
prion
prion
Design/Logic Flaw
2014-10-15 15:55:00
cve
cve
CVE-2014-6466
2014-10-15 15:55:08
ubuntucve
ubuntucve
CVE-2014-6466
2014-10-15 00:00:00
cvelist
cvelist
CVE-2014-6466
2014-10-15 15:15:00
debiancve
debiancve
CVE-2014-6466
2014-10-15 15:55:08
nvd
nvd
CVE-2014-6466
2014-10-15 15:55:08
zdt
zdt
Oracle Java jp2launcher.exe Privilege Escalation Vulnerability
2014-11-30 00:00:00
openvas
openvas
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 (Oct 2014) - Windows
2014-10-20 00:00:00
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 (Oct 2014) - Linux
2014-10-20 00:00:00
SUSE: Security Advisory for IBM Java (SUSE-SU-2014:1526-1)
2015-10-13 00:00:00
nessus
nessus
SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2014:1541-1) (POODLE)
2019-01-02 00:00:00
AIX Java Advisory : java_oct2014_advisory.asc (POODLE)
2014-11-28 00:00:00
SuSE 11.3 Security Update : IBM Java (SAT Patch Number 9999)
2014-12-01 00:00:00
suse
suse
Security update for java-1_6_0-ibm (important)
2015-02-21 01:07:10
Security update for java-1_7_1-ibm (important)
2014-12-03 17:04:45
Security update for IBM Java (important)
2014-12-02 19:04:43
ibm
ibm
Security Bulletin: Multiple vulnerabilities in current releases of IBM® WebSphere Real Time
2018-06-15 07:02:02
Security Bulletin: CICS Transaction Gateway for Multiplatforms
2018-06-15 07:02:44
Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition
2018-06-15 07:01:54
aix
aix
Multiple vulnerabilities in current releases of the IBM SDK Java Technology Edition; issues in the Oracle October 2014 Critical Patch Update plus the POODLE SSLv3 vulnerability and
2014-11-14 15:40:48
f5
f5
K15745 : Multiple Oracle Java vulnerabilities
2014-10-28 00:00:00
SOL15745 - Multiple Oracle Java vulnerabilities
2014-10-27 00:00:00
kaspersky
kaspersky
KLA10505 Multiple vulnerabilities in Oracle products
2014-10-15 00:00:00
securityvulns
securityvulns
ESA-2015-004: EMC M&R (Watch4Net) Multiple Vulnerabilities
2015-01-25 00:00:00
Oracle / Sun / PeopleSoft / MySQL multiple security vulnerabilities
2014-11-03 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2015-02-15 00:00:00
oracle
oracle
Oracle Critical Patch Update - October 2014
2014-10-14 00:00:00

0.012 Low

EPSS

Percentile

85.1%

JSON
Related for ZDI-14-382
prion1cve1ubuntucve1cvelist1debiancve1nvd1zdt1openvas13nessus8suse6ibm8aix1f52kaspersky1securityvulns2gentoo1oracle1