Vulnerability Change Records for CVE-2014-0050

Change History

CVE Modified by Red Hat, Inc. 1/06/2017 9:59:14 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.vmware.com/security/advisories/VMSA-2014-0008.html [No Types Assigned]

CVE Modified by Source 4/14/2015 9:59:54 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html
Added Reference

								
							
							
						
http://seclists.org/fulldisclosure/2015/Apr/5
Added Reference

								
							
							
						
http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded

Modified Analysis 11/05/2015 2:10:02 PM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.2.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.2.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.3:*:*:*:*:*:*:* (and previous)
Configuration 1
     OR
          *cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*
          *cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.0:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.1.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.2.1:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.2.2:*:*:*:*:*:*:*
          *cpe:2.3:a:apache:commons_fileupload:1.3:*:*:*:*:*:*:* (and previous)
Configuration 2
     OR
          *cpe:2.3:a:oracle:retail_applications:12.0:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:retail_applications:12.0in:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:retail_applications:13.0:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:retail_applications:13.1:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:retail_applications:13.2:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:retail_applications:13.3:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:retail_applications:13.4:*:*:*:*:*:*:*
          *cpe:2.3:a:oracle:retail_applications:14.0:*:*:*:*:*:*:*
Changed CVSS V2
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Added Evaluator Description

								
							
							
						
The previous CVSS assessment ( Base Score: 5.0 -  AV:N/AC:L/AU:N/C:N/I:N/A:P) was provided at the time of initial analysis based on the best available published information at that time.  The score has been updated to reflect the impact to Oracle products per <a href=http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html> Oracle Critical Patch Update Advisory - October 2015 </a>. Other products listed as vulnerable may or may not be similarly impacted.

CVE Modified by Red Hat, Inc. 12/15/2017 9:29:01 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2014-0252.html [No Types Assigned]
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2014-0253.html [No Types Assigned]
Added Reference

								
							
							
						
http://www.debian.org/security/2014/dsa-2856 [No Types Assigned]
Added Reference

								
							
							
						
http://www.ubuntu.com/usn/USN-2130-1 [No Types Assigned]

Initial CVE Analysis 4/01/2014 6:1:08 AM

Action Type Old Value New Value

CVE Modified by Source 4/16/2015 9:59:04 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

CVE Modified by Red Hat, Inc. 10/09/2018 3:35:09 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/archive/1/532549/100/0/threaded [No Types Assigned]
Added Reference

								
							
							
						
http://www.securityfocus.com/archive/1/534161/100/0/threaded [No Types Assigned]
Removed Reference
http://www.securityfocus.com/archive/1/archive/1/532549/100/0/threaded [No Types Assigned]

								
						
Removed Reference
http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded [No Types Assigned]

								
						

CVE Modified by Source 1/21/2016 9:59:12 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

CVE Modified by Source 4/01/2015 9:59:10 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://advisories.mageia.org/MGASA-2014-0110.html
Added Reference

								
							
							
						
http://www.mandriva.com/security/advisories?name=MDVSA-2015:084

CVE Modified by Red Hat, Inc. 10/19/2017 9:29:01 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html [No Types Assigned]

CVE Modified by Red Hat, Inc. 1/19/2017 9:59:02 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917 [No Types Assigned]

CVE Modified by Source 8/22/2016 10:6:34 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://marc.info/?l=bugtraq&m=143136844732487&w=2

CVE Modified by Source 1/22/2015 9:0:05 AM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html

CVE Modified by Source 4/06/2016 9:59:04 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
Removed Reference
http://www.oracle.com/technetwork/topics/security/alerts-086861.html

								
						

CVE Modified by Source 5/15/2015 9:59:14 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www-01.ibm.com/support/docview.wss?uid=swg21669554
Added Reference

								
							
							
						
http://www-01.ibm.com/support/docview.wss?uid=swg21676091
Added Reference

								
							
							
						
http://www-01.ibm.com/support/docview.wss?uid=swg21676092

CVE Modified by Source 12/11/2014 10:0:15 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://seclists.org/fulldisclosure/2014/Dec/23
Added Reference

								
							
							
						
http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded
Added Reference

								
							
							
						
http://www.vmware.com/security/advisories/VMSA-2014-0012.html

CVE Modified by Source 6/16/2016 9:59:43 PM

Action Type Old Value New Value
Removed Reference
http://packetstormsecurity.com/files/131271/VMware-Security-Advisory-2015-0003.html

								
						
Removed Reference
http://seclists.org/fulldisclosure/2015/Apr/5

								
						
Removed Reference
http://www.securityfocus.com/archive/1/archive/1/535181/100/0/threaded

								
						

CVE Modified by Source 10/22/2015 9:59:17 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/alerts-086861.html

CVE Modified by Source 11/04/2016 9:59:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324755

CVE Modified by Source 10/25/2016 9:59:21 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

CVE Modified by Red Hat, Inc. 2/16/2017 9:59:00 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 [No Types Assigned]