9.3

CVE-2014-2483

Exploit

EPSS 6.06%
Veröffentlicht 17.07.2014 05:10:14
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secalert_us@oracle.com
Teams Watchlist Login
Unerledigt Login

Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 17

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Debian ≫ Debian Linux Version7.0

Redhat ≫ Enterprise Linux Version5

Redhat ≫ Enterprise Linux Version6.0

Redhat ≫ Enterprise Linux Version7.0

Oracle ≫ Jdk Version1.7.0 Updateupdate60

Oracle ≫ Jre Version1.7.0 Updateupdate60

Oracle ≫ Openjdk Version1.7.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	6.06%	0.904

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://seclists.org/fulldisclosure/2014/Dec/23

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Vendor Advisory

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003

Patch

Exploit

http://secunia.com/advisories/60485

http://secunia.com/advisories/60812

http://www.debian.org/security/2014/dsa-2987

http://www.securityfocus.com/bid/68608

http://www.securitytracker.com/id/1030577

https://access.redhat.com/errata/RHSA-2014:0902

https://bugzilla.redhat.com/show_bug.cgi?id=1119626

https://nvd.nist.gov/vuln/detail/CVE-2014-2483

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-2483

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-2483

EUVD