4

CVE-2014-0411

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.  NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleJrockit Versionr27.7.7
OracleJrockit Versionr28.2.9
OracleJre Version1.7.0 Updateupdate45
OracleJdk Version1.5.0 Updateupdate55
OracleJre Version1.5.0 Updateupdate55
OracleJdk Version1.6.0 Updateupdate65
OracleJre Version1.6.0 Updateupdate65
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.41% 0.82
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 4.9 4.9
AV:N/AC:H/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
Vendor Advisory
http://www.securityfocus.com/bid/64758
https://access.redhat.com/errata/RHSA-2014:0414
http://www.ubuntu.com/usn/USN-2089-1
http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html
http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html
http://marc.info/?l=bugtraq&m=139402697611681&w=2
http://rhn.redhat.com/errata/RHSA-2014-0026.html
http://rhn.redhat.com/errata/RHSA-2014-0027.html
http://rhn.redhat.com/errata/RHSA-2014-0030.html
http://secunia.com/advisories/56432
http://secunia.com/advisories/56485
http://secunia.com/advisories/56486
http://secunia.com/advisories/56535
http://www.securitytracker.com/id/1029608
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html
http://marc.info/?l=bugtraq&m=139402749111889&w=2
http://rhn.redhat.com/errata/RHSA-2014-0097.html
http://rhn.redhat.com/errata/RHSA-2014-0134.html
http://rhn.redhat.com/errata/RHSA-2014-0135.html
http://www.ubuntu.com/usn/USN-2124-1
http://rhn.redhat.com/errata/RHSA-2014-0136.html
http://secunia.com/advisories/56487
http://secunia.com/advisories/59235
http://secunia.com/advisories/59339
http://www-01.ibm.com/support/docview.wss?uid=swg21676978
http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc
http://osvdb.org/102028
http://secunia.com/advisories/57809
http://secunia.com/advisories/59037
http://secunia.com/advisories/59071
http://secunia.com/advisories/59082
http://secunia.com/advisories/59194
http://secunia.com/advisories/59251
http://secunia.com/advisories/59254
http://secunia.com/advisories/59283
http://secunia.com/advisories/59324
http://secunia.com/advisories/59665
http://secunia.com/advisories/59704
http://secunia.com/advisories/59705
http://secunia.com/advisories/59872
http://secunia.com/advisories/60005
http://secunia.com/advisories/60498
http://secunia.com/advisories/60833
http://secunia.com/advisories/60835
http://secunia.com/advisories/60836
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656
http://www-01.ibm.com/support/docview.wss?uid=swg21669519
http://www-01.ibm.com/support/docview.wss?uid=swg21675938
http://www-01.ibm.com/support/docview.wss?uid=swg21676190
http://www-01.ibm.com/support/docview.wss?uid=swg21676373
http://www-01.ibm.com/support/docview.wss?uid=swg21677388
http://www-01.ibm.com/support/docview.wss?uid=swg21680234
http://www-01.ibm.com/support/docview.wss?uid=swg21680387
http://www-01.ibm.com/support/docview.wss?uid=swg21682668
http://www-01.ibm.com/support/docview.wss?uid=swg21682669
http://www-01.ibm.com/support/docview.wss?uid=swg21682670
http://www-01.ibm.com/support/docview.wss?uid=swg21682671
http://www-01.ibm.com/support/docview.wss?uid=swg21682904
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132
http://www.ibm.com/support/docview.wss?uid=ssg1S1004745
http://www.ibm.com/support/docview.wss?uid=swg21672078
http://www.securityfocus.com/bid/64918
https://bugzilla.redhat.com/show_bug.cgi?id=1053010
https://exchange.xforce.ibmcloud.com/vulnerabilities/90357
https://www.ibm.com/support/docview.wss?uid=swg21675223
https://www.ibm.com/support/docview.wss?uid=swg21677913