CVE-2014-1876

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log.

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737562

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://osvdb.org/102808

http://rhn.redhat.com/errata/RHSA-2014-0675.html

http://rhn.redhat.com/errata/RHSA-2014-0685.html

http://seclists.org/oss-sec/2014/q1/242

http://seclists.org/oss-sec/2014/q1/285

http://secunia.com/advisories/58415

http://secunia.com/advisories/59058

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://www.debian.org/security/2014/dsa-2912

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.securityfocus.com/bid/65568

http://www.ubuntu.com/usn/USN-2187-1

http://www.ubuntu.com/usn/USN-2191-1

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

http://www-01.ibm.com/support/docview.wss?uid=swg21676746

http://www-01.ibm.com/support/docview.wss?uid=swg21679713

https://access.redhat.com/errata/RHSA-2014:0413

https://access.redhat.com/errata/RHSA-2014:0414

https://bugzilla.redhat.com/show_bug.cgi?id=1060907

Details

Source: MITRE

Published: 2014-02-10

Updated: 2018-01-05

Type: CWE-59

Risk Information

CVSS v2

Base Score: 4.4

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.4

Severity: MEDIUM

Tenable Plugins

View all (47 total)

IDNameProductFamilySeverity
83625SUSE SLES10 Security Update : IBM Java 5 (SUSE-SU-2014:0732-1)NessusSuSE Local Security Checks
critical
80046openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)NessusSuSE Local Security Checks
critical
80045openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1645-1)NessusSuSE Local Security Checks
critical
79039RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2014:0982)NessusRed Hat Local Security Checks
critical
79011RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414)NessusRed Hat Local Security Checks
medium
79010RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0413)NessusRed Hat Local Security Checks
critical
77812IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple VulnerabilitiesNessusWindows
critical
77811IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)NessusWindows
critical
77810IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)NessusMisc.
critical
77728VMware Security Updates for vCenter Server (VMSA-2014-0008)NessusMisc.
critical
77727VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0008)NessusWindows
critical
76900RHEL 7 : java-1.7.1-ibm (RHSA-2014:0705)NessusRed Hat Local Security Checks
critical
76894RHEL 7 : java-1.6.0-openjdk (RHSA-2014:0685)NessusRed Hat Local Security Checks
critical
76889RHEL 7 : java-1.7.0-openjdk (RHSA-2014:0675)NessusRed Hat Local Security Checks
critical
76870AIX Java Advisory : java_apr2014_advisory.ascNessusAIX Local Security Checks
critical
76732Oracle Linux 7 : java-1.6.0-openjdk (ELSA-2014-0685)NessusOracle Linux Local Security Checks
critical
76727Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2014-0675)NessusOracle Linux Local Security Checks
critical
76303GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)NessusGentoo Local Security Checks
critical
74284SuSE 11.3 Security Update : IBM Java 6 (SAT Patch Number 9256)NessusSuSE Local Security Checks
critical
74254SuSE 11.3 Security Update : IBM Java 7 (SAT Patch Number 9263)NessusSuSE Local Security Checks
critical
74078Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:100)NessusMandriva Local Security Checks
critical
74032RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:0509)NessusRed Hat Local Security Checks
critical
74031RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:0508)NessusRed Hat Local Security Checks
critical
74007SuSE 11.3 Security Update : OpenJDK (SAT Patch Number 9209)NessusSuSE Local Security Checks
critical
74005RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2014:0486)NessusRed Hat Local Security Checks
critical
73868Debian DSA-2923-1 : openjdk-7 - security updateNessusDebian Local Security Checks
critical
73822Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2191-1)NessusUbuntu Local Security Checks
critical
73801Ubuntu 12.10 / 13.10 / 14.04 LTS : openjdk-7 vulnerabilities (USN-2187-1)NessusUbuntu Local Security Checks
critical
73691Debian DSA-2912-1 : openjdk-6 - security updateNessusDebian Local Security Checks
critical
73655Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-327)NessusAmazon Linux Local Security Checks
critical
73654Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2014-326)NessusAmazon Linux Local Security Checks
critical
73612Oracle JRockit R27 < R27.8.2 / R28 < R28.3.2 Multiple Vulnerabilities (April 2014 CPU)NessusWindows
critical
73608RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)NessusRed Hat Local Security Checks
critical
73605Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2014-0407)NessusOracle Linux Local Security Checks
critical
73590Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73589Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73588Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20140416)NessusScientific Linux Local Security Checks
critical
73587RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2014:0408)NessusRed Hat Local Security Checks
critical
73586RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0407)NessusRed Hat Local Security Checks
critical
73585RHEL 6 : java-1.7.0-openjdk (RHSA-2014:0406)NessusRed Hat Local Security Checks
critical
73584Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2014-0408)NessusOracle Linux Local Security Checks
critical
73583Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2014-0406)NessusOracle Linux Local Security Checks
critical
73580CentOS 5 / 6 : java-1.6.0-openjdk (CESA-2014:0408)NessusCentOS Local Security Checks
critical
73579CentOS 5 : java-1.7.0-openjdk (CESA-2014:0407)NessusCentOS Local Security Checks
critical
73578CentOS 6 : java-1.7.0-openjdk (CESA-2014:0406)NessusCentOS Local Security Checks
critical
73571Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)NessusMisc.
critical
73570Oracle Java SE Multiple Vulnerabilities (April 2014 CPU)NessusWindows
critical