5

CVE-2014-0368

EPSS 2.28%
Veröffentlicht 15.01.2014 16:08:06
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert_us@oracle.com
Teams Watchlist Login
Unerledigt Login

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking.  NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 35

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oracle ≫ Jdk Version1.5.0 Updateupdate55

Oracle ≫ Jre Version1.5.0 Updateupdate55

Oracle ≫ Jdk Version1.6.0 Updateupdate65

Oracle ≫ Jre Version1.6.0 Updateupdate65

Oracle ≫ Jdk Version1.7.0 Updateupdate45

Oracle ≫ Jre Version1.7.0 Updateupdate45

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.28%	0.84

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N

http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

Vendor Advisory

http://www.securityfocus.com/bid/64758

https://access.redhat.com/errata/RHSA-2014:0414

http://www.ubuntu.com/usn/USN-2089-1

http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html

http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html

http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html

http://marc.info/?l=bugtraq&m=139402697611681&w=2

http://rhn.redhat.com/errata/RHSA-2014-0026.html

http://rhn.redhat.com/errata/RHSA-2014-0027.html

http://rhn.redhat.com/errata/RHSA-2014-0030.html

http://secunia.com/advisories/56432

http://secunia.com/advisories/56485

http://secunia.com/advisories/56486

http://secunia.com/advisories/56535

http://www.securitytracker.com/id/1029608

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html

http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html

http://marc.info/?l=bugtraq&m=139402749111889&w=2

http://rhn.redhat.com/errata/RHSA-2014-0097.html

http://rhn.redhat.com/errata/RHSA-2014-0134.html

http://rhn.redhat.com/errata/RHSA-2014-0135.html

http://www.ubuntu.com/usn/USN-2124-1

http://rhn.redhat.com/errata/RHSA-2014-0136.html

http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/e6160aedadd5

http://secunia.com/advisories/59235

http://secunia.com/advisories/59339

http://www-01.ibm.com/support/docview.wss?uid=swg21676978

http://www.securityfocus.com/bid/64930

https://bugzilla.redhat.com/show_bug.cgi?id=1052919

https://nvd.nist.gov/vuln/detail/CVE-2014-0368

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-0368

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-0368

EUVD