CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
89.6%
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote
attackers to affect confidentiality, integrity, and availability via
unknown vectors related to Deployment, a different vulnerability than
CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and
CVE-2014-0424.
Author | Note |
---|---|
mdeslaur | in lucid+, NetX and the plugin moved to the icedtea-web package |
jdstrand | sun-java6 is not redistributable, no longer in the archive and no longer tracked sun-java5 is EOL upstream and no longer tracked Based on Oracle advisory and lack of fixes from OpenJDK, marking as ‘not-affected’ for now (which is the best we can do until more information comes to light) |