Lucene search

PRIOn knowledge basePRION:CVE-2014-0373

HistoryJan 15, 2014 - 4:08 p.m.

Design/Logic Flaw

2014-01-1516:08:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

94.9%

JSON

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.

CPENameOperatorVersion
jdkeq1.5.0 update55
jdkeq1.6.0 update65
jreeq1.7.0 update45
jreeq1.5.0 update55
jreeq1.6.0 update65

Name	Operator	Version
jdk	eq	1.5.0 update55
jdk	eq	1.6.0 update65
jre	eq	1.7.0 update45
jre	eq	1.5.0 update55
jre	eq	1.6.0 update65

References

hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/496c51673dec

lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html

lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html

lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html

lists.opensuse.org/opensuse-updates/2014-01/msg00105.html

lists.opensuse.org/opensuse-updates/2014-01/msg00107.html

lists.opensuse.org/opensuse-updates/2014-02/msg00000.html

rhn.redhat.com/errata/RHSA-2014-0026.html

rhn.redhat.com/errata/RHSA-2014-0027.html

rhn.redhat.com/errata/RHSA-2014-0030.html

rhn.redhat.com/errata/RHSA-2014-0097.html

rhn.redhat.com/errata/RHSA-2014-0134.html

rhn.redhat.com/errata/RHSA-2014-0135.html

rhn.redhat.com/errata/RHSA-2014-0136.html

secunia.com/advisories/56432

secunia.com/advisories/56485

secunia.com/advisories/56535

www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

www.securityfocus.com/bid/64758

www.securityfocus.com/bid/64922

www.securitytracker.com/id/1029608

www.ubuntu.com/usn/USN-2089-1

www.ubuntu.com/usn/USN-2124-1

access.redhat.com/errata/RHSA-2014:0414

bugzilla.redhat.com/show_bug.cgi?id=1051699

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777

marc.info/?l=bugtraq&m=139402697611681&w=2

marc.info/?l=bugtraq&m=139402749111889&w=2

6.2 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.106 Low

EPSS

Percentile

94.9%

JSON

Related for PRION:CVE-2014-0373