CVE-2014-2490

HIGH

Description

Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

References

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://seclists.org/fulldisclosure/2014/Dec/23

http://secunia.com/advisories/60129

http://secunia.com/advisories/60485

http://secunia.com/advisories/60812

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.debian.org/security/2014/dsa-2980

http://www.debian.org/security/2014/dsa-2987

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/bid/68645

http://www.securitytracker.com/id/1030577

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

https://access.redhat.com/errata/RHSA-2014:0902

Details

Source: MITRE

Published: 2014-07-17

Updated: 2018-10-09

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (33 total)

ID	Name	Product	Family	Severity
82241	Debian DLA-96-1 : openjdk-6 security update	Nessus	Debian Local Security Checks	high
81370	GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
80046	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)	Nessus	SuSE Local Security Checks	critical
80045	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1645-1)	Nessus	SuSE Local Security Checks	critical
79865	VMware Security Updates for vCenter Server (VMSA-2014-0012)	Nessus	Misc.	critical
79864	VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0012)	Nessus	Windows	critical
79036	RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2014:0902)	Nessus	Red Hat Local Security Checks	critical
78330	Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2014-387)	Nessus	Amazon Linux Local Security Checks	high
78326	Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-383)	Nessus	Amazon Linux Local Security Checks	high
77724	Ubuntu 14.04 LTS : openjdk-7 update (USN-2319-3)	Nessus	Ubuntu Local Security Checks	high
77387	Ubuntu 14.04 LTS : openjdk-7 regression (USN-2319-2)	Nessus	Ubuntu Local Security Checks	high
77282	Puppet Enterprise 3.3.0 Bundled Oracle Java Vulnerabilities	Nessus	CGI abuses	critical
77274	Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-2319-1)	Nessus	Ubuntu Local Security Checks	high
77181	Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2312-1)	Nessus	Ubuntu Local Security Checks	high
76998	SuSE 11.3 Security Update : openjdk (SAT Patch Number 9543)	Nessus	SuSE Local Security Checks	critical
76887	Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:141)	Nessus	Mandriva Local Security Checks	high
76842	Debian DSA-2987-1 : openjdk-7 - security update	Nessus	Debian Local Security Checks	high
76689	Debian DSA-2980-1 : openjdk-6 - security update	Nessus	Debian Local Security Checks	high
8332	Oracle Java Update (July 2014) Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	high
76681	Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/srpm/x86_64 (20140721)	Nessus	Scientific Linux Local Security Checks	high
76680	RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2014:0907)	Nessus	Red Hat Local Security Checks	high
76631	Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2014-0907)	Nessus	Oracle Linux Local Security Checks	high
76623	CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2014:0907)	Nessus	CentOS Local Security Checks	high
76552	Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140716)	Nessus	Scientific Linux Local Security Checks	high
76551	Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20140716)	Nessus	Scientific Linux Local Security Checks	high
76548	Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2014-0890)	Nessus	Oracle Linux Local Security Checks	high
76547	Oracle Linux 6 / 7 : java-1.7.0-openjdk (ELSA-2014-0889)	Nessus	Oracle Linux Local Security Checks	high
76538	CentOS 5 : java-1.7.0-openjdk (CESA-2014:0890)	Nessus	CentOS Local Security Checks	high
76537	CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2014:0889)	Nessus	CentOS Local Security Checks	high
76533	Oracle Java SE Multiple Vulnerabilities (July 2014 CPU) (Unix)	Nessus	Misc.	critical
76532	Oracle Java SE Multiple Vulnerabilities (July 2014 CPU)	Nessus	Windows	critical
76516	RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0890)	Nessus	Red Hat Local Security Checks	high
76515	RHEL 6 / 7 : java-1.7.0-openjdk (RHSA-2014:0889)	Nessus	Red Hat Local Security Checks	high

CVE-2014-2490

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins