Lucene search

[email protected]CVE-2014-6506

HistoryOct 15, 2014 - 10:55 p.m.

CVE-2014-6506

2014-10-1522:55:06

[email protected]

web.nvd.nist.gov

cve-2014-6506

oracle java

vulnerability

confidentiality

integrity

availability

nvd

libraries

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

3.5 Low

AI Score

Confidence

Low

0.027 Low

EPSS

Percentile

90.5%

JSON

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Affected configurations

NVD

Node

oraclejdkMatch1.5.0update_71

oraclejdkMatch1.6.0update81

oraclejdkMatch1.7.0update60

oraclejreMatch1.5.0update_71

oraclejreMatch1.6.0update_81

oraclejreMatch1.7.0update_67

oraclejreMatch1.7.0update60

oraclejreMatch1.8.0update_20

CPENameOperatorVersion
oracle:jdkoracle jdkeq1.5.0
oracle:jdkoracle jdkeq1.6.0
oracle:jdkoracle jdkeq1.7.0
oracle:jreoracle jreeq1.5.0
oracle:jreoracle jreeq1.6.0
oracle:jreoracle jreeq1.7.0
oracle:jreoracle jreeq1.8.0

CPE	Name	Operator	Version
oracle:jdk	oracle jdk	eq	1.5.0
oracle:jdk	oracle jdk	eq	1.6.0
oracle:jdk	oracle jdk	eq	1.7.0
oracle:jre	oracle jre	eq	1.5.0
oracle:jre	oracle jre	eq	1.6.0
oracle:jre	oracle jre	eq	1.7.0
oracle:jre	oracle jre	eq	1.8.0

References

linux.oracle.com/errata/ELSA-2014-1633.html

linux.oracle.com/errata/ELSA-2014-1634.html

linux.oracle.com/errata/ELSA-2014-1636

lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html

lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html

lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html

lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html

marc.info/?l=bugtraq&m=141775382904016&w=2

rhn.redhat.com/errata/RHSA-2014-1620.html

rhn.redhat.com/errata/RHSA-2014-1633.html

rhn.redhat.com/errata/RHSA-2014-1634.html

rhn.redhat.com/errata/RHSA-2014-1636.html

rhn.redhat.com/errata/RHSA-2014-1657.html

rhn.redhat.com/errata/RHSA-2014-1658.html

rhn.redhat.com/errata/RHSA-2014-1876.html

rhn.redhat.com/errata/RHSA-2014-1877.html

rhn.redhat.com/errata/RHSA-2014-1880.html

rhn.redhat.com/errata/RHSA-2014-1881.html

rhn.redhat.com/errata/RHSA-2014-1882.html

rhn.redhat.com/errata/RHSA-2015-0264.html

secunia.com/advisories/60414

secunia.com/advisories/60416

secunia.com/advisories/60417

secunia.com/advisories/61018

secunia.com/advisories/61020

secunia.com/advisories/61143

secunia.com/advisories/61163

secunia.com/advisories/61164

secunia.com/advisories/61346

secunia.com/advisories/61609

secunia.com/advisories/61629

secunia.com/advisories/61928

security.gentoo.org/glsa/glsa-201502-12.xml

www-01.ibm.com/support/docview.wss?uid=swg21688283

www.debian.org/security/2014/dsa-3077

www.debian.org/security/2014/dsa-3080

www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html

www.securityfocus.com/bid/70556

www.ubuntu.com/usn/USN-2386-1

www.ubuntu.com/usn/USN-2388-1

www.ubuntu.com/usn/USN-2388-2

Social References

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

3.5 Low

AI Score

Confidence

Low

0.027 Low

EPSS

Percentile

90.5%

JSON

Related for CVE-2014-6506

prion1 nvd1 ubuntucve1 debiancve1 veracode6 cvelist1 openvas40 nessus43 redhat12 centos4 osv3 amazon3 debian3 oraclelinux4 mageia1 ubuntu3 ibm10 suse8 aix1 f52 kaspersky1 securityvulns2 gentoo1 oracle1