ID CVE-2014-4247
Summary Unspecified vulnerability in Oracle Java SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX. Per: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html "Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets."
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.8.0:update_5:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update_5:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update_5:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update_5:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 09-10-2018 - 19:48)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 68626
bugtraq 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
confirm
fulldisc 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
gentoo GLSA-201502-12
sectrack 1030577
xf oracle-cpujul2014-cve20144247(94592)
Last major update 09-10-2018 - 19:48
Published 17-07-2014 - 11:17
Back to Top