CVE-2014-0448 - OpenCVE

Unspecified vulnerability in Oracle Java SE 7u51 and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:H/Au:N/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Oracle	Jre Jdk
Microsoft	Windows
Ibm	Forms Viewer

Configuration 1 [-]

OR	cpe:2.3:a:oracle:jdk:1.7.0:update51::::::
	cpe:2.3:a:oracle:jdk:1.8.0:-::::::
	cpe:2.3:a:oracle:jre:1.7.0:update51::::::
	cpe:2.3:a:oracle:jre:1.8.0:-::::::

Configuration 2 [-]

AND

OR	cpe:2.3:a:ibm:forms_viewer::::::::
	cpe:2.3:a:ibm:forms_viewer::::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
http://marc.info/?l=bugtraq&m=140852886808946&w=2	Issue Tracking Mailing List Third Party Advisory
http://security.gentoo.org/glsa/glsa-201502-12.xml	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21672080	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html	Vendor Advisory
http://www.securityfocus.com/bid/66904	Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2014:0413	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2014-04-15T22:00:00

Updated: 2018-01-04T19:57:01

Reserved: 2013-12-12T00:00:00

Link: CVE-2014-0448

JSON object: View

NVD Information

Status : Analyzed

Published: 2014-04-16T00:55:24.090

Modified: 2022-05-13T14:57:20.533

Link: CVE-2014-0448

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-15T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 7u51 and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T19:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "HPSBUX03091", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"}, {"name": "66904", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/66904"}, {"name": "RHSA-2014:0413", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2014:0413"}, {"name": "SSRT101667", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"}, {"name": "GLSA-201502-12", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2014-0448", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Oracle Java SE 7u51 and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "HPSBUX03091", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"}, {"name": "66904", "refsource": "BID", "url": "http://www.securityfocus.com/bid/66904"}, {"name": "RHSA-2014:0413", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2014:0413"}, {"name": "SSRT101667", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"}, {"name": "GLSA-201502-12", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"}]}}}}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2014-0448", "datePublished": "2014-04-15T22:00:00", "dateReserved": "2013-12-12T00:00:00", "dateUpdated": "2018-01-04T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*", "matchCriteriaId": "3343969B-2926-4C55-8787-792ABF6429D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*", "matchCriteriaId": "F906BFD6-7654-46C5-8240-3A50949CAE85", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*", "matchCriteriaId": "4DA64EFB-8416-4A0B-91B5-F02CC1A79D40", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*", "matchCriteriaId": "CA226495-4733-485A-9D53-85874434815D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*", "matchCriteriaId": "745E0942-12A9-49B3-851C-ED67F047BCEB", "versionEndExcluding": "4.0.0.3", "versionStartIncluding": "4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*", "matchCriteriaId": "5452C9C6-D761-4E3D-B7CF-C0AC55D08650", "versionEndExcluding": "8.0.1.1", "versionStartIncluding": "8.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 7u51 and 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle Java SE 7u51 y 8 permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con la implementaci\u00f3n."}], "id": "CVE-2014-0448", "lastModified": "2022-05-13T14:57:20.533", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-04-16T00:55:24.090", "references": [{"source": "secalert_us@oracle.com", "tags": ["Issue Tracking", "Mailing List", "Third Party Advisory"], "url": "http://marc.info/?l=bugtraq&m=140852886808946&w=2"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201502-12.xml"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21672080"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/66904"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2014:0413"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}