CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
91.6%
An unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, confidentiality and vulnerability. These vulnerabilities can be exploited remotely via an unknown vectors related to JSSE, JAXP, AWT, 2D, Deployment, Libraries, Hotspot, Security and other unknown points.
CVE-2014-6476 critical
CVE-2014-6532 critical
CVE-2014-6456 critical
CVE-2014-6457 warning
CVE-2014-6458 high
CVE-2014-6531 warning
CVE-2014-6519 critical
CVE-2014-6558 warning
CVE-2014-6485 critical
CVE-2014-4288 critical
CVE-2014-6511 critical
CVE-2014-6512 warning
CVE-2014-6515 critical
CVE-2014-6517 critical
CVE-2014-6513 critical
CVE-2014-6493 critical
CVE-2014-6492 critical
CVE-2014-6468 high
CVE-2014-6466 high
CVE-2014-6562 critical
CVE-2014-6503 critical
CVE-2014-6502 warning
CVE-2014-6527 warning
CVE-2014-6506 high
CVE-2014-6504 critical
Update to the latest version.
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Loss of integrity. Exploitation of vulnerabilities with this impact can lead to partial system fault or system components connection disruption.
www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA
statistics.securelist.com/
threats.kaspersky.com/en/product/Oracle-Java-JDK-1.7.x/
threats.kaspersky.com/en/product/Oracle-Java-JDK-1.8.x-3/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.7.x/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.8.x/
threats.kaspersky.com/en/product/Oracle-JRockit/
threats.kaspersky.com/en/product/Sun-Java-JDK-1.6.x/
threats.kaspersky.com/en/product/Sun-Java-JRE-1.6.x/