ID CVE-2014-6517
Summary Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20; Java SE Embedded 7u60; and Jrockit R27.8.3 and R28.3.3 allows remote attackers to affect confidentiality via vectors related to JAXP.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jrockit:r27.8.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jrockit:r27.8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jrockit:r28.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:jrockit:r28.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_81:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_81:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update_60:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update_60:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update_67:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update_67:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.8.0:update_20:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update_20:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update_60:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update_60:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 03-01-2017 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
redhat via4
advisories
  • rhsa
    id RHSA-2014:1620
  • rhsa
    id RHSA-2014:1633
  • rhsa
    id RHSA-2014:1634
  • rhsa
    id RHSA-2014:1636
  • rhsa
    id RHSA-2014:1657
  • rhsa
    id RHSA-2014:1658
rpms
  • java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el7_0
  • java-1.7.0-openjdk-accessibility-1:1.7.0.71-2.5.3.1.el7_0
  • java-1.7.0-openjdk-demo-1:1.7.0.71-2.5.3.1.el7_0
  • java-1.7.0-openjdk-devel-1:1.7.0.71-2.5.3.1.el7_0
  • java-1.7.0-openjdk-headless-1:1.7.0.71-2.5.3.1.el7_0
  • java-1.7.0-openjdk-javadoc-1:1.7.0.71-2.5.3.1.el7_0
  • java-1.7.0-openjdk-src-1:1.7.0.71-2.5.3.1.el7_0
  • java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el6
  • java-1.7.0-openjdk-demo-1:1.7.0.71-2.5.3.1.el6
  • java-1.7.0-openjdk-devel-1:1.7.0.71-2.5.3.1.el6
  • java-1.7.0-openjdk-javadoc-1:1.7.0.71-2.5.3.1.el6
  • java-1.7.0-openjdk-src-1:1.7.0.71-2.5.3.1.el6
  • java-1.7.0-openjdk-1:1.7.0.71-2.5.3.1.el5_11
  • java-1.7.0-openjdk-demo-1:1.7.0.71-2.5.3.1.el5_11
  • java-1.7.0-openjdk-devel-1:1.7.0.71-2.5.3.1.el5_11
  • java-1.7.0-openjdk-javadoc-1:1.7.0.71-2.5.3.1.el5_11
  • java-1.7.0-openjdk-src-1:1.7.0.71-2.5.3.1.el5_11
  • java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el5_11
  • java-1.6.0-openjdk-demo-1:1.6.0.33-1.13.5.0.el5_11
  • java-1.6.0-openjdk-devel-1:1.6.0.33-1.13.5.0.el5_11
  • java-1.6.0-openjdk-javadoc-1:1.6.0.33-1.13.5.0.el5_11
  • java-1.6.0-openjdk-src-1:1.6.0.33-1.13.5.0.el5_11
  • java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el7_0
  • java-1.6.0-openjdk-demo-1:1.6.0.33-1.13.5.0.el7_0
  • java-1.6.0-openjdk-devel-1:1.6.0.33-1.13.5.0.el7_0
  • java-1.6.0-openjdk-javadoc-1:1.6.0.33-1.13.5.0.el7_0
  • java-1.6.0-openjdk-src-1:1.6.0.33-1.13.5.0.el7_0
  • java-1.6.0-openjdk-1:1.6.0.33-1.13.5.0.el6_6
  • java-1.6.0-openjdk-demo-1:1.6.0.33-1.13.5.0.el6_6
  • java-1.6.0-openjdk-devel-1:1.6.0.33-1.13.5.0.el6_6
  • java-1.6.0-openjdk-javadoc-1:1.6.0.33-1.13.5.0.el6_6
  • java-1.6.0-openjdk-src-1:1.6.0.33-1.13.5.0.el6_6
  • java-1.8.0-openjdk-0:1.8.0.25-1.b17.el6
  • java-1.8.0-openjdk-demo-0:1.8.0.25-1.b17.el6
  • java-1.8.0-openjdk-devel-0:1.8.0.25-1.b17.el6
  • java-1.8.0-openjdk-headless-0:1.8.0.25-1.b17.el6
  • java-1.8.0-openjdk-javadoc-0:1.8.0.25-1.b17.el6
  • java-1.8.0-openjdk-src-0:1.8.0.25-1.b17.el6
refmap via4
bid 70552
confirm
debian
  • DSA-3077
  • DSA-3080
gentoo GLSA-201502-12
hp
  • HPSBUX03218
  • SSRT101770
secunia
  • 60414
  • 60416
  • 60417
  • 61018
  • 61020
  • 61143
  • 61163
  • 61164
  • 61346
  • 61609
  • 61629
  • 61631
  • 61928
suse SUSE-SU-2014:1422
ubuntu
  • USN-2386-1
  • USN-2388-1
  • USN-2388-2
Last major update 03-01-2017 - 02:59
Published 15-10-2014 - 22:55
Back to Top