CVE-2014-4223

HIGH

Description

Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-2483.

References

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://seclists.org/fulldisclosure/2014/Dec/23

http://secunia.com/advisories/60485

http://secunia.com/advisories/60812

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.debian.org/security/2014/dsa-2987

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/bid/68590

http://www.securitytracker.com/id/1030577

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

https://access.redhat.com/errata/RHSA-2014:0902

https://exchange.xforce.ibmcloud.com/vulnerabilities/94594

Details

Source: MITRE

Published: 2014-07-17

Updated: 2020-09-08

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_60:*:*:*:*:*:*

Tenable Plugins

View all (25 total)

IDNameProductFamilySeverity
81370GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
80046openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)NessusSuSE Local Security Checks
critical
80045openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1645-1)NessusSuSE Local Security Checks
critical
79865VMware Security Updates for vCenter Server (VMSA-2014-0012)NessusMisc.
critical
79864VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0012)NessusWindows
critical
79036RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2014:0902)NessusRed Hat Local Security Checks
critical
78326Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-383)NessusAmazon Linux Local Security Checks
high
77724Ubuntu 14.04 LTS : openjdk-7 update (USN-2319-3)NessusUbuntu Local Security Checks
high
77387Ubuntu 14.04 LTS : openjdk-7 regression (USN-2319-2)NessusUbuntu Local Security Checks
high
77282Puppet Enterprise 3.3.0 Bundled Oracle Java VulnerabilitiesNessusCGI abuses
critical
77274Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-2319-1)NessusUbuntu Local Security Checks
high
76998SuSE 11.3 Security Update : openjdk (SAT Patch Number 9543)NessusSuSE Local Security Checks
critical
76887Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:141)NessusMandriva Local Security Checks
high
76842Debian DSA-2987-1 : openjdk-7 - security updateNessusDebian Local Security Checks
high
8332Oracle Java Update (July 2014) Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
76552Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140716)NessusScientific Linux Local Security Checks
high
76551Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20140716)NessusScientific Linux Local Security Checks
high
76548Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2014-0890)NessusOracle Linux Local Security Checks
high
76547Oracle Linux 6 / 7 : java-1.7.0-openjdk (ELSA-2014-0889)NessusOracle Linux Local Security Checks
high
76538CentOS 5 : java-1.7.0-openjdk (CESA-2014:0890)NessusCentOS Local Security Checks
high
76537CentOS 6 / 7 : java-1.7.0-openjdk (CESA-2014:0889)NessusCentOS Local Security Checks
high
76533Oracle Java SE Multiple Vulnerabilities (July 2014 CPU) (Unix)NessusMisc.
critical
76532Oracle Java SE Multiple Vulnerabilities (July 2014 CPU)NessusWindows
critical
76516RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0890)NessusRed Hat Local Security Checks
high
76515RHEL 6 / 7 : java-1.7.0-openjdk (RHSA-2014:0889)NessusRed Hat Local Security Checks
high