CVE-2014-0453

MEDIUM

Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://rhn.redhat.com/errata/RHSA-2014-0675.html

http://rhn.redhat.com/errata/RHSA-2014-0685.html

http://secunia.com/advisories/58415

http://secunia.com/advisories/59022

http://secunia.com/advisories/59023

http://secunia.com/advisories/59071

http://secunia.com/advisories/59082

http://secunia.com/advisories/59104

http://secunia.com/advisories/59194

http://secunia.com/advisories/59250

http://secunia.com/advisories/59255

http://secunia.com/advisories/59307

http://secunia.com/advisories/59324

http://secunia.com/advisories/59436

http://secunia.com/advisories/59438

http://secunia.com/advisories/59653

http://secunia.com/advisories/59675

http://secunia.com/advisories/59722

http://secunia.com/advisories/59733

http://secunia.com/advisories/60003

http://secunia.com/advisories/60111

http://secunia.com/advisories/60117

http://secunia.com/advisories/60498

http://secunia.com/advisories/60574

http://secunia.com/advisories/60580

http://secunia.com/advisories/61050

http://secunia.com/advisories/61264

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.debian.org/security/2014/dsa-2912

http://www.ibm.com/support/docview.wss?uid=swg21675343

http://www.ibm.com/support/docview.wss?uid=swg21675588

http://www.ibm.com/support/docview.wss?uid=swg21677387

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.securityfocus.com/bid/66914

http://www.ubuntu.com/usn/USN-2187-1

http://www.ubuntu.com/usn/USN-2191-1

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

http://www-01.ibm.com/support/docview.wss?uid=swg21673836

http://www-01.ibm.com/support/docview.wss?uid=swg21674539

http://www-01.ibm.com/support/docview.wss?uid=swg21675945

http://www-01.ibm.com/support/docview.wss?uid=swg21676190

http://www-01.ibm.com/support/docview.wss?uid=swg21676373

http://www-01.ibm.com/support/docview.wss?uid=swg21676672

http://www-01.ibm.com/support/docview.wss?uid=swg21676703

http://www-01.ibm.com/support/docview.wss?uid=swg21677294

http://www-01.ibm.com/support/docview.wss?uid=swg21678113

http://www-01.ibm.com/support/docview.wss?uid=swg21679610

http://www-01.ibm.com/support/docview.wss?uid=swg21679713

http://www-01.ibm.com/support/docview.wss?uid=swg21680387

http://www-01.ibm.com/support/docview.wss?uid=swg21680750

http://www-01.ibm.com/support/docview.wss?uid=swg21681018

http://www-01.ibm.com/support/docview.wss?uid=swg21681047

http://www-01.ibm.com/support/docview.wss?uid=swg21681256

http://www-01.ibm.com/support/docview.wss?uid=swg21683484

http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132

https://access.redhat.com/errata/RHSA-2014:0413

https://access.redhat.com/errata/RHSA-2014:0414

https://www.ibm.com/support/docview.wss?uid=swg21674530

Details

Source: MITRE

Published: 2014-04-16

Updated: 2020-09-08

Risk Information

CVSS v2.0

Base Score: 4

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 4.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:jdk:1.5.0:update_61:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_71:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.5.0:update_61:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_71:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_51:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*

Tenable Plugins

View all (78 total)

IDNameProductFamilySeverity
9699IBM WebSphere Application Server 7.0 < 7.0.0.33 Multiple VulnerabilitiesNessus Network MonitorWeb Servers
critical
91778Juniper Junos Space < 15.1R1 Multiple Vulnerabilities (JSA10698)NessusJunos Local Security Checks
critical
83625SUSE SLES10 Security Update : IBM Java 5 (SUSE-SU-2014:0732-1)NessusSuSE Local Security Checks
critical
81370GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
80197Juniper Junos Space < 14.1R1 Multiple Vulnerabilities (JSA10659)NessusJunos Local Security Checks
high
80046openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)NessusSuSE Local Security Checks
critical
80045openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1645-1)NessusSuSE Local Security Checks
critical
79039RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2014:0982)NessusRed Hat Local Security Checks
critical
79011RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414)NessusRed Hat Local Security Checks
critical
79010RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0413)NessusRed Hat Local Security Checks
critical
77812IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple VulnerabilitiesNessusWindows
critical
77811IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)NessusWindows
critical
77810IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)NessusMisc.
critical
77728VMware Security Updates for vCenter Server (VMSA-2014-0008)NessusMisc.
critical
77727VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0008)NessusWindows
critical
77326Juniper NSM < 2012.2R9 Multiple Java and Apache Vulnerabilities (JSA10642)NessusMisc.
critical
76995IBM WebSphere Application Server 8.0 < Fix Pack 9 Multiple VulnerabilitiesNessusWeb Servers
high
76967IBM WebSphere Application Server 7.0 < Fix Pack 33 Multiple VulnerabilitiesNessusWeb Servers
high
76900RHEL 7 : java-1.7.1-ibm (RHSA-2014:0705)NessusRed Hat Local Security Checks
critical
76894RHEL 7 : java-1.6.0-openjdk (RHSA-2014:0685)NessusRed Hat Local Security Checks
critical
76889RHEL 7 : java-1.7.0-openjdk (RHSA-2014:0675)NessusRed Hat Local Security Checks
critical
76870AIX Java Advisory : java_apr2014_advisory.ascNessusAIX Local Security Checks
critical
76732Oracle Linux 7 : java-1.6.0-openjdk (ELSA-2014-0685)NessusOracle Linux Local Security Checks
critical
76727Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2014-0675)NessusOracle Linux Local Security Checks
critical
76303GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)NessusGentoo Local Security Checks
critical
74284SuSE 11.3 Security Update : IBM Java 6 (SAT Patch Number 9256)NessusSuSE Local Security Checks
critical
74254SuSE 11.3 Security Update : IBM Java 7 (SAT Patch Number 9263)NessusSuSE Local Security Checks
critical
74078Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:100)NessusMandriva Local Security Checks
critical
74032RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:0509)NessusRed Hat Local Security Checks
critical
74031RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:0508)NessusRed Hat Local Security Checks
critical
74007SuSE 11.3 Security Update : OpenJDK (SAT Patch Number 9209)NessusSuSE Local Security Checks
critical
74005RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2014:0486)NessusRed Hat Local Security Checks
critical
73868Debian DSA-2923-1 : openjdk-7 - security updateNessusDebian Local Security Checks
critical
73822Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2191-1)NessusUbuntu Local Security Checks
critical
73801Ubuntu 12.10 / 13.10 / 14.04 LTS : openjdk-7 vulnerabilities (USN-2187-1)NessusUbuntu Local Security Checks
critical
73691Debian DSA-2912-1 : openjdk-6 - security updateNessusDebian Local Security Checks
critical
73655Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-327)NessusAmazon Linux Local Security Checks
critical
73654Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2014-326)NessusAmazon Linux Local Security Checks
critical
73612Oracle JRockit R27 < R27.8.2 / R28 < R28.3.2 Multiple Vulnerabilities (April 2014 CPU)NessusWindows
critical
73608RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)NessusRed Hat Local Security Checks
critical
73605Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2014-0407)NessusOracle Linux Local Security Checks
critical
73590Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73589Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73588Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73587RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2014:0408)NessusRed Hat Local Security Checks
critical
73586RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0407)NessusRed Hat Local Security Checks
critical
73585RHEL 6 : java-1.7.0-openjdk (RHSA-2014:0406)NessusRed Hat Local Security Checks
critical
73584Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2014-0408)NessusOracle Linux Local Security Checks
critical
73583Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2014-0406)NessusOracle Linux Local Security Checks
critical
73580CentOS 5 / 6 : java-1.6.0-openjdk (CESA-2014:0408)NessusCentOS Local Security Checks
critical
73579CentOS 5 : java-1.7.0-openjdk (CESA-2014:0407)NessusCentOS Local Security Checks
critical
73578CentOS 6 : java-1.7.0-openjdk (CESA-2014:0406)NessusCentOS Local Security Checks
critical
73571Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)NessusMisc.
critical
73570Oracle Java SE Multiple Vulnerabilities (April 2014 CPU)NessusWindows
critical
27034Solaris 9 (x86) : 125139-97NessusSolaris Local Security Checks
critical
27033Solaris 9 (x86) : 125138-97NessusSolaris Local Security Checks
critical
27021Solaris 9 (sparc) : 125137-97NessusSolaris Local Security Checks
critical
27020Solaris 9 (sparc) : 125136-97NessusSolaris Local Security Checks
critical
27016Solaris 8 (x86) : 125139-97NessusSolaris Local Security Checks
critical
27015Solaris 8 (x86) : 125138-97NessusSolaris Local Security Checks
critical
27009Solaris 8 (sparc) : 125137-97NessusSolaris Local Security Checks
critical
27008Solaris 8 (sparc) : 125136-97NessusSolaris Local Security Checks
critical
26996Solaris 10 (x86) : 125139-97 (deprecated)NessusSolaris Local Security Checks
critical
26995Solaris 10 (x86) : 125138-97 (deprecated)NessusSolaris Local Security Checks
critical
26985Solaris 10 (sparc) : 125137-97 (deprecated)NessusSolaris Local Security Checks
critical
26984Solaris 10 (sparc) : 125136-97 (deprecated)NessusSolaris Local Security Checks
critical
19583Solaris 9 (x86) : 118669-86NessusSolaris Local Security Checks
critical
19582Solaris 8 (x86) : 118669-86NessusSolaris Local Security Checks
critical
19580Solaris 10 (x86) : 118669-86 (deprecated)NessusSolaris Local Security Checks
critical
19461Solaris 9 (x86) : 118668-86NessusSolaris Local Security Checks
critical
19460Solaris 9 (sparc) : 118667-86NessusSolaris Local Security Checks
critical
19459Solaris 9 (sparc) : 118666-86NessusSolaris Local Security Checks
critical
19457Solaris 8 (x86) : 118668-86NessusSolaris Local Security Checks
critical
19456Solaris 8 (sparc) : 118667-86NessusSolaris Local Security Checks
critical
19455Solaris 8 (sparc) : 118666-86NessusSolaris Local Security Checks
critical
19450Solaris 10 (x86) : 118668-86 (deprecated)NessusSolaris Local Security Checks
critical
19444Solaris 10 (sparc) : 118667-86 (deprecated)NessusSolaris Local Security Checks
critical
19443Solaris 10 (sparc) : 118666-86 (deprecated)NessusSolaris Local Security Checks
critical