5

CVE-2014-0368

EPSS 2.28%
Published 15.01.2014 16:08:06
Last modified 11.04.2025 00:51:21
Source secalert_us@oracle.com
Teams watchlist Login
Open Login

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking.  NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.

Affected products Warnungen 0 Metrics 2 CWE 0 References 35

Data is provided by the National Vulnerability Database (NVD)

Oracle ≫ Jdk Version1.5.0 Updateupdate55

Oracle ≫ Jre Version1.5.0 Updateupdate55

Oracle ≫ Jdk Version1.6.0 Updateupdate65

Oracle ≫ Jre Version1.6.0 Updateupdate65

Oracle ≫ Jdk Version1.7.0 Updateupdate45

Oracle ≫ Jre Version1.7.0 Updateupdate45

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.28%	0.84

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Vendor Advisory

http://www.securityfocus.com/bid/64758

https://access.redhat.com/errata/RHSA-2014:0414

http://www.ubuntu.com/usn/USN-2089-1

http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html

http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html

http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html

http://marc.info/?l=bugtraq&m=139402697611681&w=2

http://rhn.redhat.com/errata/RHSA-2014-0026.html

http://rhn.redhat.com/errata/RHSA-2014-0027.html

http://rhn.redhat.com/errata/RHSA-2014-0030.html

http://secunia.com/advisories/56432

http://secunia.com/advisories/56485

http://secunia.com/advisories/56486

http://secunia.com/advisories/56535

http://www.securitytracker.com/id/1029608

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html

http://marc.info/?l=bugtraq&m=139402749111889&w=2

http://rhn.redhat.com/errata/RHSA-2014-0097.html

http://rhn.redhat.com/errata/RHSA-2014-0134.html

http://rhn.redhat.com/errata/RHSA-2014-0135.html

http://www.ubuntu.com/usn/USN-2124-1

http://rhn.redhat.com/errata/RHSA-2014-0136.html

http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/e6160aedadd5

http://secunia.com/advisories/59235

http://secunia.com/advisories/59339

http://www-01.ibm.com/support/docview.wss?uid=swg21676978

http://www.securityfocus.com/bid/64930

https://bugzilla.redhat.com/show_bug.cgi?id=1052919

https://nvd.nist.gov/vuln/detail/CVE-2014-0368

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-0368

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-0368

EUVD