Vulnerability CVE-2014-2420


Published: 2014-04-15   Modified: 2014-04-16

Description:
Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Deployment.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:H/Au:N/C:N/I:P/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.6/10
2.9/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
None
Partial
None
Affected software
Oracle -> JDK 
Oracle -> JRE 
IBM -> Infosphere streams 
IBM -> Smartcloud provisioning 
HP -> Hp-ux 

 References:
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://marc.info/?l=bugtraq&m=140852974709252&w=2
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www-01.ibm.com/support/docview.wss?uid=swg21672080
http://www.ibm.com/support/docview.wss?uid=swg21677387
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.securityfocus.com/bid/66919
https://access.redhat.com/errata/RHSA-2014:0413
https://access.redhat.com/errata/RHSA-2014:0414

Copyright 2024, cxsecurity.com

 

Back to Top