CVE-2014-4227

critical

Published 2014-07-17 · Modified 2026-05-06

CVSS v3

—

CVSS v2

10.0

VIR risk

10.0

Description

Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secalert_us@oracle.com — http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Application impact

Vendor	Product	Versions
oracle	jdk	`1.6.0`
oracle	jdk	`1.7.0`
oracle	jdk	`1.8.0`
oracle	jre	`1.6.0`
oracle	jre	`1.7.0`
oracle	jre	`1.8.0`

References

http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
http://marc.info/?l=bugtraq&m=140852974709252&w=2
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://secunia.com/advisories/59404
http://secunia.com/advisories/59680
http://secunia.com/advisories/59924
http://secunia.com/advisories/59986
http://secunia.com/advisories/59987
http://secunia.com/advisories/60081
http://secunia.com/advisories/60245
http://secunia.com/advisories/60317
http://secunia.com/advisories/60622
http://secunia.com/advisories/60817
http://secunia.com/advisories/61577
http://secunia.com/advisories/61640
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www-01.ibm.com/support/docview.wss?uid=swg21680334
http://www-01.ibm.com/support/docview.wss?uid=swg21686383
http://www-01.ibm.com/support/docview.wss?uid=swg21686824
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.securityfocus.com/bid/68603
http://www.securitytracker.com/id/1030577

Verify integrity in audit chain (admin only). AS-IS.