ID CVE-2014-6458
Summary Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.6.0:update_81:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_81:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update_67:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update_67:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.8.0:update_20:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update_20:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*
CVSS
Base: 6.9 (as of 03-01-2017 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:M/Au:N/C:C/I:C/A:C
redhat via4
advisories
  • rhsa
    id RHSA-2014:1657
  • rhsa
    id RHSA-2014:1658
  • rhsa
    id RHSA-2014:1876
  • rhsa
    id RHSA-2014:1877
  • rhsa
    id RHSA-2014:1880
  • rhsa
    id RHSA-2014:1882
  • rhsa
    id RHSA-2015:0264
refmap via4
bid 70460
confirm
gentoo GLSA-201502-12
hp
  • HPSBUX03218
  • SSRT101770
secunia
  • 61163
  • 61164
  • 61609
  • 61635
suse
  • SUSE-SU-2014:1526
  • SUSE-SU-2014:1549
  • SUSE-SU-2015:0344
  • SUSE-SU-2015:0345
  • SUSE-SU-2015:0392
Last major update 03-01-2017 - 02:59
Published 15-10-2014 - 15:55
Back to Top