CVE-2014-0446

HIGH

Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

References

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://rhn.redhat.com/errata/RHSA-2014-0675.html

http://rhn.redhat.com/errata/RHSA-2014-0685.html

http://secunia.com/advisories/58415

http://secunia.com/advisories/59058

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.debian.org/security/2014/dsa-2912

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.securityfocus.com/bid/66903

http://www.ubuntu.com/usn/USN-2187-1

http://www.ubuntu.com/usn/USN-2191-1

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

http://www-01.ibm.com/support/docview.wss?uid=swg21676746

https://access.redhat.com/errata/RHSA-2014:0413

https://access.redhat.com/errata/RHSA-2014:0414

Details

Source: MITRE

Published: 2014-04-16

Updated: 2018-01-05

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

cpe:2.3:a:oracle:jdk:1.5.0:update_61:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_71:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update_51:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.5.0:update_61:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_71:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_51:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:*:*:*:*:*:*:*

Tenable Plugins

View all (71 total)

ID	Name	Product	Family	Severity
83625	SUSE SLES10 Security Update : IBM Java 5 (SUSE-SU-2014:0732-1)	Nessus	SuSE Local Security Checks	critical
81370	GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
80046	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)	Nessus	SuSE Local Security Checks	critical
80045	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1645-1)	Nessus	SuSE Local Security Checks	critical
79039	RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2014:0982)	Nessus	Red Hat Local Security Checks	critical
79011	RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414)	Nessus	Red Hat Local Security Checks	critical
79010	RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0413)	Nessus	Red Hat Local Security Checks	critical
77812	IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities	Nessus	Windows	critical
77811	IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)	Nessus	Windows	critical
77810	IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)	Nessus	Misc.	critical
77728	VMware Security Updates for vCenter Server (VMSA-2014-0008)	Nessus	Misc.	critical
77727	VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0008)	Nessus	Windows	critical
76900	RHEL 7 : java-1.7.1-ibm (RHSA-2014:0705)	Nessus	Red Hat Local Security Checks	critical
76894	RHEL 7 : java-1.6.0-openjdk (RHSA-2014:0685)	Nessus	Red Hat Local Security Checks	critical
76889	RHEL 7 : java-1.7.0-openjdk (RHSA-2014:0675)	Nessus	Red Hat Local Security Checks	critical
76870	AIX Java Advisory : java_apr2014_advisory.asc	Nessus	AIX Local Security Checks	critical
76732	Oracle Linux 7 : java-1.6.0-openjdk (ELSA-2014-0685)	Nessus	Oracle Linux Local Security Checks	critical
76727	Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2014-0675)	Nessus	Oracle Linux Local Security Checks	critical
76303	GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)	Nessus	Gentoo Local Security Checks	critical
74284	SuSE 11.3 Security Update : IBM Java 6 (SAT Patch Number 9256)	Nessus	SuSE Local Security Checks	critical
74254	SuSE 11.3 Security Update : IBM Java 7 (SAT Patch Number 9263)	Nessus	SuSE Local Security Checks	critical
74078	Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:100)	Nessus	Mandriva Local Security Checks	critical
74032	RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:0509)	Nessus	Red Hat Local Security Checks	critical
74031	RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:0508)	Nessus	Red Hat Local Security Checks	critical
74007	SuSE 11.3 Security Update : OpenJDK (SAT Patch Number 9209)	Nessus	SuSE Local Security Checks	critical
74005	RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2014:0486)	Nessus	Red Hat Local Security Checks	critical
73868	Debian DSA-2923-1 : openjdk-7 - security update	Nessus	Debian Local Security Checks	critical
73822	Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2191-1)	Nessus	Ubuntu Local Security Checks	critical
73801	Ubuntu 12.10 / 13.10 / 14.04 LTS : openjdk-7 vulnerabilities (USN-2187-1)	Nessus	Ubuntu Local Security Checks	critical
73691	Debian DSA-2912-1 : openjdk-6 - security update	Nessus	Debian Local Security Checks	critical
73655	Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-327)	Nessus	Amazon Linux Local Security Checks	critical
73654	Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2014-326)	Nessus	Amazon Linux Local Security Checks	critical
73608	RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)	Nessus	Red Hat Local Security Checks	critical
73605	Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2014-0407)	Nessus	Oracle Linux Local Security Checks	critical
73590	Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140416)	Nessus	Scientific Linux Local Security Checks	critical
73589	Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20140416)	Nessus	Scientific Linux Local Security Checks	critical
73588	Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20140416)	Nessus	Scientific Linux Local Security Checks	critical
73587	RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2014:0408)	Nessus	Red Hat Local Security Checks	critical
73586	RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0407)	Nessus	Red Hat Local Security Checks	critical
73585	RHEL 6 : java-1.7.0-openjdk (RHSA-2014:0406)	Nessus	Red Hat Local Security Checks	critical
73584	Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2014-0408)	Nessus	Oracle Linux Local Security Checks	critical
73583	Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2014-0406)	Nessus	Oracle Linux Local Security Checks	critical
73580	CentOS 5 / 6 : java-1.6.0-openjdk (CESA-2014:0408)	Nessus	CentOS Local Security Checks	critical
73579	CentOS 5 : java-1.7.0-openjdk (CESA-2014:0407)	Nessus	CentOS Local Security Checks	critical
73578	CentOS 6 : java-1.7.0-openjdk (CESA-2014:0406)	Nessus	CentOS Local Security Checks	critical
73571	Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)	Nessus	Misc.	critical
73570	Oracle Java SE Multiple Vulnerabilities (April 2014 CPU)	Nessus	Windows	critical
27034	Solaris 9 (x86) : 125139-97	Nessus	Solaris Local Security Checks	critical
27033	Solaris 9 (x86) : 125138-97	Nessus	Solaris Local Security Checks	critical
27021	Solaris 9 (sparc) : 125137-97	Nessus	Solaris Local Security Checks	critical
27020	Solaris 9 (sparc) : 125136-97	Nessus	Solaris Local Security Checks	critical
27016	Solaris 8 (x86) : 125139-97	Nessus	Solaris Local Security Checks	critical
27015	Solaris 8 (x86) : 125138-97	Nessus	Solaris Local Security Checks	critical
27009	Solaris 8 (sparc) : 125137-97	Nessus	Solaris Local Security Checks	critical
27008	Solaris 8 (sparc) : 125136-97	Nessus	Solaris Local Security Checks	critical
26996	Solaris 10 (x86) : 125139-97 (deprecated)	Nessus	Solaris Local Security Checks	critical
26995	Solaris 10 (x86) : 125138-97 (deprecated)	Nessus	Solaris Local Security Checks	critical
26985	Solaris 10 (sparc) : 125137-97 (deprecated)	Nessus	Solaris Local Security Checks	critical
26984	Solaris 10 (sparc) : 125136-97 (deprecated)	Nessus	Solaris Local Security Checks	critical
19583	Solaris 9 (x86) : 118669-86	Nessus	Solaris Local Security Checks	critical
19582	Solaris 8 (x86) : 118669-86	Nessus	Solaris Local Security Checks	critical
19580	Solaris 10 (x86) : 118669-86 (deprecated)	Nessus	Solaris Local Security Checks	critical
19461	Solaris 9 (x86) : 118668-86	Nessus	Solaris Local Security Checks	critical
19460	Solaris 9 (sparc) : 118667-86	Nessus	Solaris Local Security Checks	critical
19459	Solaris 9 (sparc) : 118666-86	Nessus	Solaris Local Security Checks	critical
19457	Solaris 8 (x86) : 118668-86	Nessus	Solaris Local Security Checks	critical
19456	Solaris 8 (sparc) : 118667-86	Nessus	Solaris Local Security Checks	critical
19455	Solaris 8 (sparc) : 118666-86	Nessus	Solaris Local Security Checks	critical
19450	Solaris 10 (x86) : 118668-86 (deprecated)	Nessus	Solaris Local Security Checks	critical
19444	Solaris 10 (sparc) : 118667-86 (deprecated)	Nessus	Solaris Local Security Checks	critical
19443	Solaris 10 (sparc) : 118666-86 (deprecated)	Nessus	Solaris Local Security Checks	critical