CVE-2014-0460
medium
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
5.8
Description
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| debian | 6.0 | affected | |
| debian | 7.0 | affected | |
| debian | 8.0 | affected | |
| ubuntu | 10.04 | affected | |
| ubuntu | 12.04 | affected | |
| ubuntu | 12.10 | affected | |
| ubuntu | 13.10 | affected | |
| ubuntu | 14.04 | affected | |
References
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
- http://marc.info/?l=bugtraq&m=140852886808946&w=2
- http://marc.info/?l=bugtraq&m=140852974709252&w=2
- http://rhn.redhat.com/errata/RHSA-2014-0675.html
- http://rhn.redhat.com/errata/RHSA-2014-0685.html
- http://secunia.com/advisories/58415
- http://secunia.com/advisories/59022
- http://secunia.com/advisories/59023
- http://secunia.com/advisories/59058
- http://secunia.com/advisories/59071
- http://secunia.com/advisories/59082
- http://secunia.com/advisories/59250
- http://secunia.com/advisories/59255
- http://secunia.com/advisories/59307
- http://secunia.com/advisories/59436
- http://secunia.com/advisories/59516
- http://secunia.com/advisories/59642
- http://secunia.com/advisories/59704
- http://secunia.com/advisories/59705
- http://secunia.com/advisories/59706
- http://secunia.com/advisories/60003
- http://secunia.com/advisories/60111
- http://secunia.com/advisories/60117
- http://secunia.com/advisories/61264
- http://security.gentoo.org/glsa/glsa-201406-32.xml
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.