9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.106 Low
EPSS
Percentile
94.9%
01/15/2014
Critical
An unspecified vulnerabilities were found in Oracle products. By exploiting this vulnerability malicious users can affect integrity, confidentiality and availability. This vulnerability can be exploited remotely via an unknown vectors related to 2D, Beans, CORBA, Deployment, Hotspot, Install, JAAS, JavaFX, JAXP, JNDI, JSSE, Libraries, Networking, Security and Serviceability.
Oracle Java SE versions 5u55, 6u65, 7u45
Oracle JRockit R27.7.7, R28.2.9
Update to the latest version
OSI
CVE-2013-58706.8High
CVE-2014-04235.5High
CVE-2013-58955.0Critical
CVE-2013-58787.5Critical
CVE-2014-04247.5Critical
CVE-2013-59105.0Critical
CVE-2014-03824.3Warning
CVE-2014-03859.3Critical
CVE-2013-58995.0Critical
CVE-2014-04165.0Critical
CVE-2014-04185.1High
CVE-2014-03877.6Critical
CVE-2013-59065.1High
CVE-2013-59055.1High
CVE-2013-59046.8High
CVE-2014-03685.0Critical
CVE-2013-58965.0Critical
CVE-2013-58899.3Critical
CVE-2013-58884.6Warning
CVE-2013-58845.0Critical
CVE-2013-58875.0Critical
CVE-2014-04114.0Warning
CVE-2013-59025.1High
CVE-2014-04179.3Critical
CVE-2014-03765.0Critical
CVE-2013-58939.3Critical
CVE-2014-03737.5Critical
CVE-2013-58984.0Warning
CVE-2014-04035.8High
CVE-2014-04089.3Critical
CVE-2014-03755.8High
www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5870
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5878
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5884
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5887
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5888
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5889
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5893
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5895
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5898
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5899
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5902
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5904
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5905
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5906
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5910
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0368
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0373
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0375
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0376
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0382
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0385
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0387
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0403
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0408
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0411
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0416
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0417
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0418
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0423
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0424
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Oracle-Java-JDK-1.7.x/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.7.x/
threats.kaspersky.com/en/product/Oracle-JRockit/
threats.kaspersky.com/en/product/Sun-Java-JDK-1.6.x/
threats.kaspersky.com/en/product/Sun-Java-JRE-1.6.x/
threats.kaspersky.com/en/product/Sun-Java-JRE/