CVE-2014-4247

HIGH

Description

Unspecified vulnerability in Oracle Java SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.

References

http://seclists.org/fulldisclosure/2014/Dec/23

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/bid/68626

http://www.securitytracker.com/id/1030577

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/94592

Details

Source: MITRE

Published: 2014-07-17

Updated: 2018-10-09

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

Tenable Plugins

View all (7 total)

ID	Name	Product	Family	Severity
81370	GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
79865	VMware Security Updates for vCenter Server (VMSA-2014-0012)	Nessus	Misc.	critical
79864	VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0012)	Nessus	Windows	critical
77282	Puppet Enterprise 3.3.0 Bundled Oracle Java Vulnerabilities	Nessus	CGI abuses	critical
76998	SuSE 11.3 Security Update : openjdk (SAT Patch Number 9543)	Nessus	SuSE Local Security Checks	critical
76533	Oracle Java SE Multiple Vulnerabilities (July 2014 CPU) (Unix)	Nessus	Misc.	critical
76532	Oracle Java SE Multiple Vulnerabilities (July 2014 CPU)	Nessus	Windows	critical