National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2014-4244 Detail

Description

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and JRockit R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security.

Source:  MITRE      Last Modified:  07/17/2014

Evaluator Description

Per: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html "Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service."

Quick Info

CVE Dictionary Entry:
CVE-2014-4244
Original release date:
07/17/2014
Last revised:
01/04/2018
Source:
US-CERT/NIST

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:
4.0 MEDIUM
Vector:
(AV:N/AC:H/Au:N/C:P/I:P/A:N) (legend)
Impact Subscore:
4.9
Exploitability Subscore:
4.9
CVSS Version 2 Metrics:
Access Vector:
Network exploitable
Access Complexity:
High
Authentication:
Not required to exploit
Impact Type:
Allows unauthorized disclosure of information; Allows unauthorized modification

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html External Source SUSE SUSE-SU-2015:0344
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html External Source SUSE SUSE-SU-2015:0376
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html External Source SUSE SUSE-SU-2015:0392
http://marc.info/?l=bugtraq&m=140852886808946&w=2 External Source HP SSRT101667
http://marc.info/?l=bugtraq&m=140852974709252&w=2 External Source HP SSRT101668
http://rhn.redhat.com/errata/RHSA-2015-0264.html External Source REDHAT RHSA-2015:0264
http://seclists.org/fulldisclosure/2014/Dec/23 External Source FULLDISC 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
http://secunia.com/advisories/59404 External Source SECUNIA 59404
http://secunia.com/advisories/59680 External Source SECUNIA 59680
http://secunia.com/advisories/59924 External Source SECUNIA 59924
http://secunia.com/advisories/59985 External Source SECUNIA 59985
http://secunia.com/advisories/59986 External Source SECUNIA 59986
http://secunia.com/advisories/59987 External Source SECUNIA 59987
http://secunia.com/advisories/60002 External Source SECUNIA 60002
http://secunia.com/advisories/60031 External Source SECUNIA 60031
http://secunia.com/advisories/60032 External Source SECUNIA 60032
http://secunia.com/advisories/60129 External Source SECUNIA 60129
http://secunia.com/advisories/60335 External Source SECUNIA 60335
http://secunia.com/advisories/60485 External Source SECUNIA 60485
http://secunia.com/advisories/60497 External Source SECUNIA 60497
http://secunia.com/advisories/60622 External Source SECUNIA 60622
http://secunia.com/advisories/60812 External Source SECUNIA 60812
http://secunia.com/advisories/60817 External Source SECUNIA 60817
http://secunia.com/advisories/61254 External Source SECUNIA 61254
http://secunia.com/advisories/61264 External Source SECUNIA 61264
http://secunia.com/advisories/61417 External Source SECUNIA 61417
http://security.gentoo.org/glsa/glsa-201502-12.xml External Source GENTOO GLSA-201502-12
http://www.debian.org/security/2014/dsa-2980 External Source DEBIAN DSA-2980
http://www.debian.org/security/2014/dsa-2987 External Source DEBIAN DSA-2987
http://www.ibm.com/support/docview.wss?uid=swg21683518 External Source CONFIRM http://www.ibm.com/support/docview.wss?uid=swg21683518
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html Vendor Advisory External Source CONFIRM http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www.securityfocus.com/archive/1/archive/1/534161/100/0/threaded External Source BUGTRAQ 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
http://www.securityfocus.com/bid/68624 External Source BID 68624
http://www.securitytracker.com/id/1030577 External Source SECTRACK 1030577
http://www.vmware.com/security/advisories/VMSA-2014-0012.html External Source CONFIRM http://www.vmware.com/security/advisories/VMSA-2014-0012.html
http://www-01.ibm.com/support/docview.wss?uid=swg21680334 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21680334
http://www-01.ibm.com/support/docview.wss?uid=swg21681379 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21681379
http://www-01.ibm.com/support/docview.wss?uid=swg21681966 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21681966
http://www-01.ibm.com/support/docview.wss?uid=swg21683338 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21683338
http://www-01.ibm.com/support/docview.wss?uid=swg21683429 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21683429
http://www-01.ibm.com/support/docview.wss?uid=swg21683438 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21683438
http://www-01.ibm.com/support/docview.wss?uid=swg21683484 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21683484
http://www-01.ibm.com/support/docview.wss?uid=swg21685121 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21685121
http://www-01.ibm.com/support/docview.wss?uid=swg21685122 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21685122
http://www-01.ibm.com/support/docview.wss?uid=swg21685178 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21685178
http://www-01.ibm.com/support/docview.wss?uid=swg21685242 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21685242
http://www-01.ibm.com/support/docview.wss?uid=swg21686142 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21686142
http://www-01.ibm.com/support/docview.wss?uid=swg21686383 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21686383
http://www-01.ibm.com/support/docview.wss?uid=swg21686824 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21686824
http://www-01.ibm.com/support/docview.wss?uid=swg21688893 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21688893
http://www-01.ibm.com/support/docview.wss?uid=swg21689593 External Source CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21689593
https://access.redhat.com/errata/RHSA-2014:0902 External Source REDHAT RHSA-2014:0902
https://access.redhat.com/errata/RHSA-2014:0908 External Source REDHAT RHSA-2014:0908
https://exchange.xforce.ibmcloud.com/vulnerabilities/94605 External Source XF oracle-cpujul2014-cve20144244(94605)
https://kc.mcafee.com/corporate/index?page=content&id=SB10083 External Source CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10083
https://www.ibm.com/support/docview.wss?uid=swg21680418 External Source CONFIRM https://www.ibm.com/support/docview.wss?uid=swg21680418

Technical Details

Vulnerability Type (View All)

Change History 12 change records found - show changes