CVE-2014-0455
critical
CVSS v3
—
CVSS v2
9.3
VIR risk
9.3
Description
Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-2402.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: secalert_us@oracle.com — http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| ubuntu | 12.10 | affected | |
| ubuntu | 13.10 | affected | |
| ubuntu | 14.04 | affected | |
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| ibm | forms_viewer | {"startIncluding":"4.0.0","endExcluding":"4.0.0.3"} | 4.0.0.3 |
References
- http://marc.info/?l=bugtraq&m=140852886808946&w=2
- http://rhn.redhat.com/errata/RHSA-2014-0675.html
- http://secunia.com/advisories/58974
- http://security.gentoo.org/glsa/glsa-201502-12.xml
- http://www-01.ibm.com/support/docview.wss?uid=swg21672080
- http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
- http://www.securityfocus.com/bid/66899
- http://www.ubuntu.com/usn/USN-2187-1
- https://access.redhat.com/errata/RHSA-2014:0413
- https://www.ibm.com/support/docview.wss?uid=swg21675973
- http://marc.info/?l=bugtraq&m=140852886808946&w=2
- http://rhn.redhat.com/errata/RHSA-2014-0675.html
- http://secunia.com/advisories/58974
- http://security.gentoo.org/glsa/glsa-201502-12.xml
- http://www-01.ibm.com/support/docview.wss?uid=swg21672080
- http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
- http://www.securityfocus.com/bid/66899
- http://www.ubuntu.com/usn/USN-2187-1
- https://access.redhat.com/errata/RHSA-2014:0413
- https://www.ibm.com/support/docview.wss?uid=swg21675973
Verify integrity in audit chain (admin only). AS-IS.