CVE-2014-4218

2014-07-1705:10:16

oracle

web.nvd.nist.gov

cve-2014-4218

oracle

java

vulnerability

remote attackers

integrity

libraries

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

3.4

Confidence

Low

EPSS

0.014

Percentile

86.7%

JSON

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.

Affected configurations

Nvd

Node

oraclejdkMatch1.5.0update65

oraclejdkMatch1.6.0update75

oraclejdkMatch1.7.0update60

oraclejdkMatch1.8.0update5

oraclejreMatch1.5.0update65

oraclejreMatch1.6.0update75

oraclejreMatch1.7.0update60

oraclejreMatch1.8.0update5

VendorProductVersionCPE
oraclejdk1.5.0cpe:2.3:a:oracle:jdk:1.5.0:update65:*:*:*:*:*:*
oraclejdk1.6.0cpe:2.3:a:oracle:jdk:1.6.0:update75:*:*:*:*:*:*
oraclejdk1.7.0cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update5:*:*:*:*:*:*
oraclejre1.5.0cpe:2.3:a:oracle:jre:1.5.0:update65:*:*:*:*:*:*
oraclejre1.6.0cpe:2.3:a:oracle:jre:1.6.0:update75:*:*:*:*:*:*
oraclejre1.7.0cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update5:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	jdk	1.5.0	cpe:2.3:a:oracle:jdk:1.5.0:update65::::::
oracle	jdk	1.6.0	cpe:2.3:a:oracle:jdk:1.6.0:update75::::::
oracle	jdk	1.7.0	cpe:2.3:a:oracle:jdk:1.7.0:update60::::::
oracle	jdk	1.8.0	cpe:2.3:a:oracle:jdk:1.8.0:update5::::::
oracle	jre	1.5.0	cpe:2.3:a:oracle:jre:1.5.0:update65::::::
oracle	jre	1.6.0	cpe:2.3:a:oracle:jre:1.6.0:update75::::::
oracle	jre	1.7.0	cpe:2.3:a:oracle:jre:1.7.0:update60::::::
oracle	jre	1.8.0	cpe:2.3:a:oracle:jre:1.8.0:update5::::::