4.6 Medium
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.106 Low
EPSS
Percentile
95.0%
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.
CPE | Name | Operator | Version |
---|---|---|---|
oracle:jre | oracle jre | eq | 1.7.0 |
oracle:jdk | oracle jdk | eq | 1.5.0 |
oracle:jre | oracle jre | eq | 1.5.0 |
oracle:jdk | oracle jdk | eq | 1.6.0 |
oracle:jre | oracle jre | eq | 1.6.0 |
hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/496c51673dec
lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html
lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html
lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html
lists.opensuse.org/opensuse-updates/2014-01/msg00105.html
lists.opensuse.org/opensuse-updates/2014-01/msg00107.html
lists.opensuse.org/opensuse-updates/2014-02/msg00000.html
marc.info/?l=bugtraq&m=139402697611681&w=2
marc.info/?l=bugtraq&m=139402749111889&w=2
rhn.redhat.com/errata/RHSA-2014-0026.html
rhn.redhat.com/errata/RHSA-2014-0027.html
rhn.redhat.com/errata/RHSA-2014-0030.html
rhn.redhat.com/errata/RHSA-2014-0097.html
rhn.redhat.com/errata/RHSA-2014-0134.html
rhn.redhat.com/errata/RHSA-2014-0135.html
rhn.redhat.com/errata/RHSA-2014-0136.html
secunia.com/advisories/56432
secunia.com/advisories/56485
secunia.com/advisories/56535
www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
www.securityfocus.com/bid/64758
www.securityfocus.com/bid/64922
www.securitytracker.com/id/1029608
www.ubuntu.com/usn/USN-2089-1
www.ubuntu.com/usn/USN-2124-1
access.redhat.com/errata/RHSA-2014:0414
bugzilla.redhat.com/show_bug.cgi?id=1051699
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777