Lucene search

[email protected]CVE-2014-0460

HistoryApr 16, 2014 - 1:55 a.m.

CVE-2014-0460

2014-04-1601:55:09

[email protected]

web.nvd.nist.gov

cve-2014-0460

oracle java se

vulnerability

confidentiality

integrity

jndi

nvd

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.7%

JSON

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.

Affected configurations

NVD

Node

oraclejrockitMatchr27.8.1

oraclejrockitMatchr28.3.1

Node

canonicalubuntu_linuxMatch10.04-

canonicalubuntu_linuxMatch12.04-

canonicalubuntu_linuxMatch12.10

canonicalubuntu_linuxMatch13.10

canonicalubuntu_linuxMatch14.04esm

Node

juniperjunos_spaceRange<15.1

Node

oraclejdkMatch1.5.0update61

oraclejdkMatch1.6.0update71

oraclejdkMatch1.7.0update51

oraclejdkMatch1.8.0-

oraclejreMatch1.5.0update61

oraclejreMatch1.6.0update71

oraclejreMatch1.7.0update51

oraclejreMatch1.8.0-

Node

debiandebian_linuxMatch6.0

debiandebian_linuxMatch7.0

debiandebian_linuxMatch8.0

CPENameOperatorVersion
oracle:jrockitoracle jrockiteqr27.8.1
oracle:jrockitoracle jrockiteqr28.3.1

CPE	Name	Operator	Version
oracle:jrockit	oracle jrockit	eq	r27.8.1
oracle:jrockit	oracle jrockit	eq	r28.3.1

References

kb.juniper.net/InfoCenter/index?page=content&id=JSA10698

marc.info/?l=bugtraq&m=140852886808946&w=2

marc.info/?l=bugtraq&m=140852974709252&w=2

rhn.redhat.com/errata/RHSA-2014-0675.html

rhn.redhat.com/errata/RHSA-2014-0685.html

secunia.com/advisories/58415

secunia.com/advisories/59022

secunia.com/advisories/59023

secunia.com/advisories/59058

secunia.com/advisories/59071

secunia.com/advisories/59082

secunia.com/advisories/59250

secunia.com/advisories/59255

secunia.com/advisories/59307

secunia.com/advisories/59436

secunia.com/advisories/59516

secunia.com/advisories/59642

secunia.com/advisories/59704

secunia.com/advisories/59705

secunia.com/advisories/59706

secunia.com/advisories/60003

secunia.com/advisories/60111

secunia.com/advisories/60117

secunia.com/advisories/61264

security.gentoo.org/glsa/glsa-201406-32.xml

security.gentoo.org/glsa/glsa-201502-12.xml

www-01.ibm.com/support/docview.wss?uid=swg21672080

www-01.ibm.com/support/docview.wss?uid=swg21673836

www-01.ibm.com/support/docview.wss?uid=swg21674539

www-01.ibm.com/support/docview.wss?uid=swg21676315

www-01.ibm.com/support/docview.wss?uid=swg21676672

www-01.ibm.com/support/docview.wss?uid=swg21676746

www-01.ibm.com/support/docview.wss?uid=swg21677294

www-01.ibm.com/support/docview.wss?uid=swg21679713

www-01.ibm.com/support/docview.wss?uid=swg21681018

www-01.ibm.com/support/docview.wss?uid=swg21681256

www-01.ibm.com/support/docview.wss?uid=swg21683484

www-01.ibm.com/support/docview.wss?uid=swg21686717

www.debian.org/security/2014/dsa-2912

www.ibm.com/support/docview.wss?uid=swg21675343

www.ibm.com/support/docview.wss?uid=swg21675588

www.ibm.com/support/docview.wss?uid=swg21677387

www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

www.securityfocus.com/bid/66916

www.ubuntu.com/usn/USN-2187-1

www.ubuntu.com/usn/USN-2191-1

access.redhat.com/errata/RHSA-2014:0413

access.redhat.com/errata/RHSA-2014:0414

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

6.4 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

69.7%

JSON

Related for CVE-2014-0460

prion1 cvelist1 nvd1 ubuntucve1 ibm22 nessus66 openvas45 redhat9 oraclelinux5 centos3 debian2 ubuntu2 amazon2 veracode30 osv2 mageia1 suse5 aix1