CVE-2014-0460 - Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1;

CVE-2014-0460

Summary

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.

References

Vulnerable Configurations

cpe:2.3:a:oracle:jdk:1.5.0:update_61:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update_61:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update_71:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update_71:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.5.0:update_61:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.5.0:update_61:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update_71:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update_71:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update_51:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update_51:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:15.1:*:*:*:*:*:*:*
cpe:2.3:a:juniper:junos_space:15.1:*:*:*:*:*:*:*

CVSS

Base:	5.8 (as of 08-09-2020 - 13:00)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:N

redhat via4

advisories

rhsa
id RHSA-2014:0413
rhsa
id RHSA-2014:0414
rhsa
id RHSA-2014:0675
rhsa
id RHSA-2014:0685

rpms

java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.1.el5_10
java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-demo-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-demo-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-devel-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-devel-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-javadoc-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-javadoc-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-src-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-src-1:1.6.0.0-5.1.13.3.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.2.el5_10
java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-demo-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-demo-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-devel-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-devel-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-jdbc-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-jdbc-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-plugin-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-plugin-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-src-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-src-1:1.6.0.75-1jpp.3.el5_10
java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-demo-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-demo-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-devel-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-devel-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-jdbc-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-jdbc-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-plugin-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-plugin-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-src-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-src-1:1.7.0.7.0-1jpp.1.el6_5
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-accessibility-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-demo-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-demo-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-javacomm-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-javacomm-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-jdbc-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-jdbc-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-plugin-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-plugin-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-src-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-src-1:1.6.0.16.0-1jpp.1.el6_5
java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-accessibility-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-demo-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-demo-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-devel-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-devel-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-javacomm-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-javacomm-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-jdbc-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-jdbc-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-plugin-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-plugin-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-src-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-src-1:1.5.0.16.6-1jpp.1.el6_5
java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-accessibility-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-headless-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.2.el7_0
java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-demo-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-devel-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-javadoc-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-src-1:1.6.0.0-6.1.13.3.el7_0
java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-demo-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-devel-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-jdbc-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-plugin-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-src-1:1.7.1.1.0-1jpp.2.el7_0
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6

refmap via4

bid	66916
confirm	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698 http://www-01.ibm.com/support/docview.wss?uid=swg21672080 http://www-01.ibm.com/support/docview.wss?uid=swg21673836 http://www-01.ibm.com/support/docview.wss?uid=swg21674539 http://www-01.ibm.com/support/docview.wss?uid=swg21676315 http://www-01.ibm.com/support/docview.wss?uid=swg21676672 http://www-01.ibm.com/support/docview.wss?uid=swg21676746 http://www-01.ibm.com/support/docview.wss?uid=swg21677294 http://www-01.ibm.com/support/docview.wss?uid=swg21679713 http://www-01.ibm.com/support/docview.wss?uid=swg21681018 http://www-01.ibm.com/support/docview.wss?uid=swg21681256 http://www-01.ibm.com/support/docview.wss?uid=swg21683484 http://www-01.ibm.com/support/docview.wss?uid=swg21686717 http://www.ibm.com/support/docview.wss?uid=swg21675343 http://www.ibm.com/support/docview.wss?uid=swg21675588 http://www.ibm.com/support/docview.wss?uid=swg21677387 http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
debian	DSA-2912
gentoo	GLSA-201406-32 GLSA-201502-12
hp	HPSBUX03091 HPSBUX03092 SSRT101667 SSRT101668
secunia	58415 59022 59023 59058 59071 59082 59250 59255 59307 59436 59516 59642 59704 59705 59706 60003 60111 60117 61264
ubuntu	USN-2187-1 USN-2191-1

Last major update

08-09-2020 - 13:00

Published

16-04-2014 - 01:55

Last modified

08-09-2020 - 13:00