[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-0373Date: (C)2014-01-16   (M)2023-12-28


Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 7.5
Exploit Score: 10.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECTRACK-1029608
SECUNIA-56432
SECUNIA-56485
SECUNIA-56535
BID-64758
BID-64922
RHSA-2014:0026
RHSA-2014:0027
RHSA-2014:0030
RHSA-2014:0097
RHSA-2014:0134
RHSA-2014:0135
RHSA-2014:0136
RHSA-2014:0414
SSRT101454
SSRT101455
SUSE-SU-2014:0246
SUSE-SU-2014:0266
SUSE-SU-2014:0451
USN-2089-1
USN-2124-1
http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/496c51673dec
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
https://bugzilla.redhat.com/show_bug.cgi?id=1051699
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777
openSUSE-SU-2014:0174
openSUSE-SU-2014:0177
openSUSE-SU-2014:0180

OVAL    23
oval:org.secpod.oval:def:1600184
oval:org.secpod.oval:def:501180
oval:org.secpod.oval:def:1600048
oval:org.secpod.oval:def:505663
...

© SecPod Technologies