CVE-2014-4262

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	Vendor Advisory
http://www.securityfocus.com/bid/68599
http://secunia.com/advisories/60245
http://www.debian.org/security/2014/dsa-2980
http://www.debian.org/security/2014/dsa-2987
http://secunia.com/advisories/61577
http://secunia.com/advisories/61640
http://www-01.ibm.com/support/docview.wss?uid=swg21686824
http://secunia.com/advisories/60081
http://www-01.ibm.com/support/docview.wss?uid=swg21686383
http://secunia.com/advisories/60317
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://marc.info/?l=bugtraq&m=140852974709252&w=2
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://www-01.ibm.com/support/docview.wss?uid=swg21680334
http://www.securitytracker.com/id/1030577
http://secunia.com/advisories/60817
http://secunia.com/advisories/60812
http://secunia.com/advisories/60622
http://secunia.com/advisories/60485
http://secunia.com/advisories/60129
http://secunia.com/advisories/59987
http://secunia.com/advisories/59986
http://secunia.com/advisories/59985
http://secunia.com/advisories/59924
http://secunia.com/advisories/59680
http://secunia.com/advisories/59404
https://exchange.xforce.ibmcloud.com/vulnerabilities/94595
https://access.redhat.com/errata/RHSA-2014:0908
https://access.redhat.com/errata/RHSA-2014:0902
http://www.securityfocus.com/archive/1/534161/100/0/threaded

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:jdk:1.8.0:update5::::::
	cpe:2.3:a:oracle:jdk:1.7.0:update60::::::
	cpe:2.3:a:oracle:jdk:1.5.0:update65::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update75::::::
	cpe:2.3:a:oracle:jre:1.5.0:update65::::::
	cpe:2.3:a:oracle:jre:1.6.0:update75::::::
	cpe:2.3:a:oracle:jre:1.8.0:update5::::::
	cpe:2.3:a:oracle:jre:1.7.0:update60::::::

Information

Published : 2014-07-17 04:17

Updated : 2022-05-13 07:57

NVD link : CVE-2014-4262

Mitre link : CVE-2014-4262

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

oracle

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/68599", "name": "68599", "tags": [], "refsource": "BID"}, {"url": "http://secunia.com/advisories/60245", "name": "60245", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.debian.org/security/2014/dsa-2980", "name": "DSA-2980", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.debian.org/security/2014/dsa-2987", "name": "DSA-2987", "tags": [], "refsource": "DEBIAN"}, {"url": "http://secunia.com/advisories/61577", "name": "61577", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/61640", "name": "61640", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686824", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/60081", "name": "60081", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21686383", "tags": [], "refsource": "CONFIRM"}, {"url": "http://secunia.com/advisories/60317", "name": "60317", "tags": [], "refsource": "SECUNIA"}, {"url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://seclists.org/fulldisclosure/2014/Dec/23", "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": [], "refsource": "FULLDISC"}, {"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml", "name": "GLSA-201502-12", "tags": [], "refsource": "GENTOO"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html", "name": "SUSE-SU-2015:0344", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html", "name": "SUSE-SU-2015:0392", "tags": [], "refsource": "SUSE"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html", "name": "SUSE-SU-2015:0376", "tags": [], "refsource": "SUSE"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html", "name": "RHSA-2015:0264", "tags": [], "refsource": "REDHAT"}, {"url": "http://marc.info/?l=bugtraq&m=140852974709252&w=2", "name": "HPSBUX03092", "tags": [], "refsource": "HP"}, {"url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2", "name": "HPSBUX03091", "tags": [], "refsource": "HP"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334", "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21680334", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.securitytracker.com/id/1030577", "name": "1030577", "tags": [], "refsource": "SECTRACK"}, {"url": "http://secunia.com/advisories/60817", "name": "60817", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/60812", "name": "60812", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/60622", "name": "60622", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/60485", "name": "60485", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/60129", "name": "60129", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/59987", "name": "59987", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/59986", "name": "59986", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/59985", "name": "59985", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/59924", "name": "59924", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/59680", "name": "59680", "tags": [], "refsource": "SECUNIA"}, {"url": "http://secunia.com/advisories/59404", "name": "59404", "tags": [], "refsource": "SECUNIA"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94595", "name": "oracle-cpujul2014-cve20144262(94595)", "tags": [], "refsource": "XF"}, {"url": "https://access.redhat.com/errata/RHSA-2014:0908", "name": "RHSA-2014:0908", "tags": [], "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2014:0902", "name": "RHSA-2014:0902", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded", "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": [], "refsource": "BUGTRAQ"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2014-4262", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-07-17T11:17Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.5.0:update65:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update75:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.5.0:update65:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update75:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:update5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-05-13T14:57Z"}

9.3 /10