fkie_cve-2014-6457
Vulnerability from fkie_nvd
Published
2014-10-15 15:55
Modified
2024-11-21 02:14
Severity ?
Summary
Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jrockit:r27.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "E7ED5A7D-7C5F-494B-B71F-136FC4F60F87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jrockit:r28.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "091F8337-0581-4C70-85F2-4FB68087FE70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update_71:*:*:*:*:*:*",
"matchCriteriaId": "ABFFC778-4647-464C-8D4B-C5FFF9A8B881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update81:*:*:*:*:*:*",
"matchCriteriaId": "A96B7B6D-890C-4CAF-A273-01E17D3FDBBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "B3D836B0-936A-445F-A08F-C962FC8B91EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update67:*:*:*:*:*:*",
"matchCriteriaId": "FCF8778E-09C0-4569-A06F-91B6BC9ABFA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update20:*:*:*:*:*:*",
"matchCriteriaId": "1F19BFEB-7202-4156-893E-576486FCCA63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.5.0:update_71:*:*:*:*:*:*",
"matchCriteriaId": "2537DFD3-4ACE-4448-964A-18CE2B8C71BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*",
"matchCriteriaId": "6D7DEDD2-FEF2-4FEC-B9BF-C1C3FA247A02",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*",
"matchCriteriaId": "CE789D26-302F-44CF-AF63-EA0BA73E49E9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*",
"matchCriteriaId": "A85E8DD9-9B00-4C7E-802D-6E6A1BD3B9C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*",
"matchCriteriaId": "D776872E-A50A-498D-A68B-84DD910ED429",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Oracle Java SE 5.0u71, 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and JRockit R27.8.3, and R28.3.3 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE."
},
{
"lang": "es",
"value": "Vulnerabilidad sin especificar en Oracle Java SE 5.0u71, 6u81, 7u67, y 8u20; Java SE Embedded 7u60; y JRockit R27.8.3, y R28.3.3 permite a atacantes remotos afectar la confidencialidad y la integridad a trav\u00e9s de vectores relacionados con JSSE."
}
],
"id": "CVE-2014-6457",
"lastModified": "2024-11-21T02:14:25.497",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-10-15T15:55:07.790",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60414"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60416"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/60417"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61018"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61020"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61143"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61163"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61164"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61346"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61609"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61629"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61631"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61635"
},
{
"source": "secalert_us@oracle.com",
"url": "http://secunia.com/advisories/61928"
},
{
"source": "secalert_us@oracle.com",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securityfocus.com/bid/70538"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://linux.oracle.com/errata/ELSA-2014-1636"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=141775382904016\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1881.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60414"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60416"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/60417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61018"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61164"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61631"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61635"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/61928"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21692299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3077"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2014/dsa-3080"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/70538"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2386-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2388-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2388-2"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.