Lucene search

K

[email protected]CVE-2014-4288

HistoryOct 15, 2014 - 3:55 p.m.

CVE-2014-4288

2014-10-1515:55:06

[email protected]

web.nvd.nist.gov

54

5

cve-2014-4288

oracle java

se

vulnerability

confidentiality

integrity

availability

remote attackers

nvd

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

3.2 Low

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.5%

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532.

Affected configurations

NVD

Node

oraclejdkMatch1.6.0update81

OR

oraclejdkMatch1.8.0update20

OR

oraclejreMatch1.6.0update_81

OR

oraclejreMatch1.7.0update_67

OR

oraclejreMatch1.8.0update_20

CPENameOperatorVersion
oracle:jdkoracle jdkeq1.6.0
oracle:jdkoracle jdkeq1.8.0
oracle:jreoracle jreeq1.6.0
oracle:jreoracle jreeq1.7.0
oracle:jreoracle jreeq1.8.0

References

lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html

lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html

marc.info/?l=bugtraq&m=141775382904016&w=2

rhn.redhat.com/errata/RHSA-2014-1657.html

rhn.redhat.com/errata/RHSA-2014-1658.html

rhn.redhat.com/errata/RHSA-2014-1876.html

rhn.redhat.com/errata/RHSA-2014-1877.html

rhn.redhat.com/errata/RHSA-2014-1880.html

rhn.redhat.com/errata/RHSA-2014-1882.html

rhn.redhat.com/errata/RHSA-2015-0264.html

secunia.com/advisories/61163

secunia.com/advisories/61164

secunia.com/advisories/61609

security.gentoo.org/glsa/glsa-201502-12.xml

www-01.ibm.com/support/docview.wss?uid=swg21688283

www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

www.securityfocus.com/bid/70470

Social References

More

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

3.2 Low

AI Score

Confidence

High

0.019 Low

EPSS

Percentile

88.5%

Related for CVE-2014-4288

cve3 debiancve4 prion4 cvelist4 nvd4 ubuntucve4 veracode4 openvas13 nessus15 redhat7 ibm8 suse6 aix1 f52 kaspersky2 securityvulns2 gentoo1 oracle1