CVE-2014-2420

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Deployment.

CVSS v2.0 2.6 LOW

2.6^/10

CVSS v2.0 : LOW

Vector : AV:N/AC:H/Au:N/C:N/I:P/A:N

Exploitability : 4.9 / Impact : 2.9

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html	Vendor Advisory
http://www.securityfocus.com/bid/66919	Third Party Advisory VDB Entry
http://www-01.ibm.com/support/docview.wss?uid=swg21672080	Third Party Advisory
http://www.ibm.com/support/docview.wss?uid=swg21677387	Third Party Advisory
http://secunia.com/advisories/60111	Third Party Advisory
http://security.gentoo.org/glsa/glsa-201502-12.xml	Third Party Advisory
http://marc.info/?l=bugtraq&m=140852974709252&w=2	Issue Tracking Mailing List Third Party Advisory
http://marc.info/?l=bugtraq&m=140852886808946&w=2	Issue Tracking Mailing List Third Party Advisory
https://access.redhat.com/errata/RHSA-2014:0414	Third Party Advisory
https://access.redhat.com/errata/RHSA-2014:0413	Third Party Advisory

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:jdk:1.7.0:update51::::::
	cpe:2.3:a:oracle:jre:1.7.0:update51::::::
	cpe:2.3:a:oracle:jdk:1.8.0:-::::::
	cpe:2.3:a:oracle:jre:1.8.0:-::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update71::::::
	cpe:2.3:a:oracle:jre:1.6.0:update71::::::

Information

Published : 2014-04-15 19:55

Updated : 2022-05-13 07:57

NVD link : CVE-2014-2420

Mitre link : CVE-2014-2420

JSON object : View

CWE

NVD-CWE-noinfo

Advertisement

Products Affected

oracle

jdk
jre

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/66919", "name": "66919", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg21677387", "name": "http://www.ibm.com/support/docview.wss?uid=swg21677387", "tags": ["Third Party Advisory"], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/60111", "name": "60111", "tags": ["Third Party Advisory"], "refsource": "SECUNIA"}, {"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml", "name": "GLSA-201502-12", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2", "name": "SSRT101668", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "refsource": "HP"}, {"url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2", "name": "SSRT101667", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "refsource": "HP"}, {"url": "https://access.redhat.com/errata/RHSA-2014:0414", "name": "RHSA-2014:0414", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2014:0413", "name": "RHSA-2014:0413", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Deployment."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-2420", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "HIGH", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "severity": "LOW", "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-04-16T02:55Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-05-13T14:57Z"}