CVE-2014-6519

Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Hotspot.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://linux.oracle.com/errata/ELSA-2014-1633.html
http://linux.oracle.com/errata/ELSA-2014-1634.html
http://linux.oracle.com/errata/ELSA-2014-1636
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html
http://marc.info/?l=bugtraq&m=141775382904016&w=2
http://rhn.redhat.com/errata/RHSA-2014-1620.html
http://rhn.redhat.com/errata/RHSA-2014-1633.html
http://rhn.redhat.com/errata/RHSA-2014-1634.html
http://rhn.redhat.com/errata/RHSA-2014-1636.html
http://rhn.redhat.com/errata/RHSA-2014-1657.html
http://secunia.com/advisories/60414
http://secunia.com/advisories/60416
http://secunia.com/advisories/60417
http://secunia.com/advisories/61018
http://secunia.com/advisories/61020
http://secunia.com/advisories/61143
http://secunia.com/advisories/61164
http://secunia.com/advisories/61346
http://secunia.com/advisories/61609
http://secunia.com/advisories/61629
http://secunia.com/advisories/61928
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www.debian.org/security/2014/dsa-3077
http://www.debian.org/security/2014/dsa-3080
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/70570
http://www.ubuntu.com/usn/USN-2386-1
http://www.ubuntu.com/usn/USN-2388-1
http://www.ubuntu.com/usn/USN-2388-2

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:jdk:1.7.0:update60::::::
	cpe:2.3:a:oracle:jre:1.7.0:update_67::::::
	cpe:2.3:a:oracle:jre:1.7.0:update60::::::
	cpe:2.3:a:oracle:jre:1.8.0:update_20::::::

History

13 May 2022, 14:57

Type	Values Removed	Values Added
CPE	cpe:2.3:a:oracle:jre:1.7.0:update_60::::::	cpe:2.3:a:oracle:jre:1.7.0:update60::::::

Information

Published : 2014-10-15 22:55

Updated : 2023-12-10 11:31

NVD link : CVE-2014-6519

Mitre link : CVE-2014-6519

CVE.ORG link : CVE-2014-6519

JSON object : View

Products Affected

oracle

jdk
jre

CWE

NVD-CWE-noinfo

{"id": "CVE-2014-6519", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-10-15T22:55:06.937", "references": [{"url": "http://linux.oracle.com/errata/ELSA-2014-1633.html", "source": "secalert_us@oracle.com"}, {"url": "http://linux.oracle.com/errata/ELSA-2014-1634.html", "source": "secalert_us@oracle.com"}, {"url": "http://linux.oracle.com/errata/ELSA-2014-1636", "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00013.html", "source": "secalert_us@oracle.com"}, {"url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1620.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1633.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1634.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1636.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/60414", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/60416", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/60417", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61018", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61020", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61143", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61164", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61346", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61609", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61629", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61928", "source": "secalert_us@oracle.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml", "source": "secalert_us@oracle.com"}, {"url": "http://www.debian.org/security/2014/dsa-3077", "source": "secalert_us@oracle.com"}, {"url": "http://www.debian.org/security/2014/dsa-3080", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/70570", "source": "secalert_us@oracle.com"}, {"url": "http://www.ubuntu.com/usn/USN-2386-1", "source": "secalert_us@oracle.com"}, {"url": "http://www.ubuntu.com/usn/USN-2388-1", "source": "secalert_us@oracle.com"}, {"url": "http://www.ubuntu.com/usn/USN-2388-2", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 7u67 and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect integrity via unknown vectors related to Hotspot."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en Oracle Java SE 7u67 y 8u20, y Java SE Embedded 7u60, permite a atacantes remotos afectar la integridad a trav\u00e9s de vectores desconocidos relacionados con el Hotspot."}], "lastModified": "2022-05-13T14:57:20.890", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B3D836B0-936A-445F-A08F-C962FC8B91EF"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE789D26-302F-44CF-AF63-EA0BA73E49E9"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A85E8DD9-9B00-4C7E-802D-6E6A1BD3B9C0"}, {"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D776872E-A50A-498D-A68B-84DD910ED429"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}