CVE-2014-6504

2014-10-1522:55:06

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

3.1

Confidence

High

EPSS

0.008

Percentile

81.7%

JSON

Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, and 7u67, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality via unknown vectors related to Hotspot.

Affected configurations

Nvd

Node

oraclejdkMatch1.5.0update_71

oraclejdkMatch1.6.0update81

oraclejdkMatch1.7.0update60

oraclejreMatch1.5.0update_71

oraclejreMatch1.6.0update_81

oraclejreMatch1.7.0update_67

oraclejreMatch1.7.0update60

VendorProductVersionCPE
oraclejdk1.5.0cpe:2.3:a:oracle:jdk:1.5.0:update_71:*:*:*:*:*:*
oraclejdk1.6.0cpe:2.3:a:oracle:jdk:1.6.0:update81:*:*:*:*:*:*
oraclejdk1.7.0cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*
oraclejre1.5.0cpe:2.3:a:oracle:jre:1.5.0:update_71:*:*:*:*:*:*
oraclejre1.6.0cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*
oraclejre1.7.0cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*
oraclejre1.7.0cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	jdk	1.5.0	cpe:2.3:a:oracle:jdk:1.5.0:update_71::::::
oracle	jdk	1.6.0	cpe:2.3:a:oracle:jdk:1.6.0:update81::::::
oracle	jdk	1.7.0	cpe:2.3:a:oracle:jdk:1.7.0:update60::::::
oracle	jre	1.5.0	cpe:2.3:a:oracle:jre:1.5.0:update_71::::::
oracle	jre	1.6.0	cpe:2.3:a:oracle:jre:1.6.0:update_81::::::
oracle	jre	1.7.0	cpe:2.3:a:oracle:jre:1.7.0:update_67::::::
oracle	jre	1.7.0	cpe:2.3:a:oracle:jre:1.7.0:update60::::::