9.3

CVE-2014-2483

Exploit
Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DebianDebian Linux Version7.0
RedhatEnterprise Linux Version5
RedhatEnterprise Linux Version6.0
RedhatEnterprise Linux Version7.0
OracleJdk Version1.7.0 Updateupdate60
OracleJre Version1.7.0 Updateupdate60
OracleOpenjdk Version1.7.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.23% 0.914
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://seclists.org/fulldisclosure/2014/Dec/23
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Vendor Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003
Patch
Exploit
http://secunia.com/advisories/60485
http://secunia.com/advisories/60812
http://www.debian.org/security/2014/dsa-2987
http://www.securityfocus.com/bid/68608
http://www.securitytracker.com/id/1030577
https://access.redhat.com/errata/RHSA-2014:0902
https://bugzilla.redhat.com/show_bug.cgi?id=1119626