CVE-2014-6517 - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit

CVE-2014-6517

Summary

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.

References

Vulnerable Configurations

cpe:2.3:a:oracle:jrockit:r28.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r28.3.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r27.8.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r27.8.3:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update81:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update81:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 13-05-2022 - 14:57)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

redhat via4

advisories

rhsa
id RHSA-2014:1620
rhsa
id RHSA-2014:1633
rhsa
id RHSA-2014:1634
rhsa
id RHSA-2014:1636
rhsa
id RHSA-2014:1657
rhsa
id RHSA-2014:1658

rpms

java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6
java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0
java-1.7.0-openjdk-accessibility-1:1.7.0.71-2.5.3.1.el7_0
java-1.7.0-openjdk-debuginfo-1:1.7.0.71-2.5.3.1.el6
java-1.7.0-openjdk-debuginfo-1:1.7.0.71-2.5.3.1.el7_0
java-1.7.0-openjdk-demo-1:1.7.0.71-2.5.3.1.el6
java-1.7.0-openjdk-demo-1:1.7.0.71-2.5.3.1.el7_0
java-1.7.0-openjdk-devel-1:1.7.0.71-2.5.3.1.el6
java-1.7.0-openjdk-devel-1:1.7.0.71-2.5.3.1.el7_0
java-1.7.0-openjdk-headless-1:1.7.0.71-2.5.3.1.el7_0
java-1.7.0-openjdk-javadoc-1:1.7.0.71-2.5.3.1.el6
java-1.7.0-openjdk-javadoc-1:1.7.0.71-2.5.3.1.el7_0
java-1.7.0-openjdk-src-1:1.7.0.71-2.5.3.1.el6
java-1.7.0-openjdk-src-1:1.7.0.71-2.5.3.1.el7_0
java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11
java-1.7.0-openjdk-debuginfo-1:1.7.0.71-2.5.3.1.el5_11
java-1.7.0-openjdk-demo-1:1.7.0.71-2.5.3.1.el5_11
java-1.7.0-openjdk-devel-1:1.7.0.71-2.5.3.1.el5_11
java-1.7.0-openjdk-javadoc-1:1.7.0.71-2.5.3.1.el5_11
java-1.7.0-openjdk-src-1:1.7.0.71-2.5.3.1.el5_11
java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11
java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6
java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0
java-1.6.0-openjdk-debuginfo-1:1.6.0.33-1.13.5.0.el5_11
java-1.6.0-openjdk-debuginfo-1:1.6.0.33-1.13.5.0.el6_6
java-1.6.0-openjdk-debuginfo-1:1.6.0.33-1.13.5.0.el7_0
java-1.6.0-openjdk-demo-1:1.6.0.33-1.13.5.0.el5_11
java-1.6.0-openjdk-demo-1:1.6.0.33-1.13.5.0.el6_6
java-1.6.0-openjdk-demo-1:1.6.0.33-1.13.5.0.el7_0
java-1.6.0-openjdk-devel-1:1.6.0.33-1.13.5.0.el5_11
java-1.6.0-openjdk-devel-1:1.6.0.33-1.13.5.0.el6_6
java-1.6.0-openjdk-devel-1:1.6.0.33-1.13.5.0.el7_0
java-1.6.0-openjdk-javadoc-1:1.6.0.33-1.13.5.0.el5_11
java-1.6.0-openjdk-javadoc-1:1.6.0.33-1.13.5.0.el6_6
java-1.6.0-openjdk-javadoc-1:1.6.0.33-1.13.5.0.el7_0
java-1.6.0-openjdk-src-1:1.6.0.33-1.13.5.0.el5_11
java-1.6.0-openjdk-src-1:1.6.0.33-1.13.5.0.el6_6
java-1.6.0-openjdk-src-1:1.6.0.33-1.13.5.0.el7_0
java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6
java-1.8.0-openjdk-debuginfo-0:1.8.0.25-1.b17.el6
java-1.8.0-openjdk-demo-0:1.8.0.25-1.b17.el6
java-1.8.0-openjdk-devel-0:1.8.0.25-1.b17.el6
java-1.8.0-openjdk-headless-0:1.8.0.25-1.b17.el6
java-1.8.0-openjdk-javadoc-0:1.8.0.25-1.b17.el6
java-1.8.0-openjdk-src-0:1.8.0.25-1.b17.el6
java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el6
java-1.7.0-oracle-1:1.7.0.72-1jpp.2.el7
java-1.7.0-oracle-1:1.7.0.72-1jpp.4.el5_11
java-1.7.0-oracle-devel-1:1.7.0.72-1jpp.2.el6
java-1.7.0-oracle-devel-1:1.7.0.72-1jpp.2.el7
java-1.7.0-oracle-devel-1:1.7.0.72-1jpp.4.el5_11
java-1.7.0-oracle-javafx-1:1.7.0.72-1jpp.2.el6
java-1.7.0-oracle-javafx-1:1.7.0.72-1jpp.2.el7
java-1.7.0-oracle-javafx-1:1.7.0.72-1jpp.4.el5_11
java-1.7.0-oracle-jdbc-1:1.7.0.72-1jpp.2.el6
java-1.7.0-oracle-jdbc-1:1.7.0.72-1jpp.2.el7
java-1.7.0-oracle-jdbc-1:1.7.0.72-1jpp.4.el5_11
java-1.7.0-oracle-plugin-1:1.7.0.72-1jpp.2.el6
java-1.7.0-oracle-plugin-1:1.7.0.72-1jpp.2.el7
java-1.7.0-oracle-plugin-1:1.7.0.72-1jpp.4.el5_11
java-1.7.0-oracle-src-1:1.7.0.72-1jpp.2.el6
java-1.7.0-oracle-src-1:1.7.0.72-1jpp.2.el7
java-1.7.0-oracle-src-1:1.7.0.72-1jpp.4.el5_11
java-1.6.0-sun-1:1.6.0.85-1jpp.2.el6
java-1.6.0-sun-1:1.6.0.85-1jpp.2.el7
java-1.6.0-sun-1:1.6.0.85-1jpp.3.el5_11
java-1.6.0-sun-demo-1:1.6.0.85-1jpp.2.el6
java-1.6.0-sun-demo-1:1.6.0.85-1jpp.2.el7
java-1.6.0-sun-demo-1:1.6.0.85-1jpp.3.el5_11
java-1.6.0-sun-devel-1:1.6.0.85-1jpp.2.el6
java-1.6.0-sun-devel-1:1.6.0.85-1jpp.2.el7
java-1.6.0-sun-devel-1:1.6.0.85-1jpp.3.el5_11
java-1.6.0-sun-jdbc-1:1.6.0.85-1jpp.2.el6
java-1.6.0-sun-jdbc-1:1.6.0.85-1jpp.2.el7
java-1.6.0-sun-jdbc-1:1.6.0.85-1jpp.3.el5_11
java-1.6.0-sun-plugin-1:1.6.0.85-1jpp.2.el6
java-1.6.0-sun-plugin-1:1.6.0.85-1jpp.2.el7
java-1.6.0-sun-plugin-1:1.6.0.85-1jpp.3.el5_11
java-1.6.0-sun-src-1:1.6.0.85-1jpp.2.el6
java-1.6.0-sun-src-1:1.6.0.85-1jpp.2.el7
java-1.6.0-sun-src-1:1.6.0.85-1jpp.3.el5_11

refmap via4

bid	70552
confirm	http://linux.oracle.com/errata/ELSA-2014-1633.html http://linux.oracle.com/errata/ELSA-2014-1634.html http://linux.oracle.com/errata/ELSA-2014-1636 http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html https://kc.mcafee.com/corporate/index?page=content&id=SB10092
debian	DSA-3077 DSA-3080
gentoo	GLSA-201502-12
hp	HPSBUX03218 SSRT101770
secunia	60414 60416 60417 61018 61020 61143 61163 61164 61346 61609 61629 61631 61928
suse	SUSE-SU-2014:1422
ubuntu	USN-2386-1 USN-2388-1 USN-2388-2

Last major update

13-05-2022 - 14:57

Published

15-10-2014 - 22:55

Last modified

13-05-2022 - 14:57