CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
98.9%
Multiple serious vulnerabilities have been found in Oracle Java Runtime Environment & Java Development Kit: 5.61, 6.71, 7.51, 8. Malicious use of these vulnerabilities can affect confidentiality, integrity and availability, cause denial of service, obtain sensitive information or overwrite arbitrary files.
Below is a complete list of vulnerabilities
CVE-2013-6629 critical
CVE-2014-2414 critical
CVE-2014-2402 critical
CVE-2014-0446 critical
CVE-2014-0454 critical
CVE-2014-2427 critical
CVE-2014-2422 high
CVE-2014-2409 high
CVE-2014-0460 high
CVE-2013-6954 critical
CVE-2014-2410 critical
CVE-2014-2397 critical
CVE-2014-0456 critical
CVE-2014-2421 critical
CVE-2014-0429 critical
CVE-2014-0457 critical
CVE-2014-2398 warning
CVE-2014-0453 warning
CVE-2014-2413 warning
CVE-2014-0459 warning
CVE-2014-0464 warning
CVE-2014-0463 warning
CVE-2014-2401 critical
CVE-2014-2403 critical
CVE-2014-2420 warning
CVE-2014-1876 warning
CVE-2014-0452 critical
CVE-2014-2423 critical
CVE-2014-2412 critical
CVE-2014-2428 critical
CVE-2014-0458 critical
CVE-2014-0451 critical
CVE-2014-0455 critical
CVE-2014-0432 critical
CVE-2014-0448 critical
CVE-2014-0461 critical
Update to latest version
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Overwrite arbitrary files. Exploitation of vulnerabilities with this impact can lead to loss of some information, contained in overwritten files.
Loss of integrity. Exploitation of vulnerabilities with this impact can lead to partial system fault or system components connection disruption.
www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
statistics.securelist.com/
threats.kaspersky.com/en/product/Oracle-Java-JDK-1.7.x/
threats.kaspersky.com/en/product/Oracle-Java-JDK-1.8.x-3/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.7.x/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.8.x/
threats.kaspersky.com/en/product/Sun-Java-JDK-1.6.x/
threats.kaspersky.com/en/product/Sun-Java-JRE-1.6.x/
threats.kaspersky.com/en/product/Sun-Java-JRE/