CVE-2014-0460 — MEDIUM (5.8)

Q: How severe is CVE-2014-0460?

CVE-2014-0460 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2014-0460?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Jrockit, Canonical Ubuntu Linux, Juniper Junos Space, Oracle Jdk, Oracle Jre.

Vulnerability Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vectors related to JNDI.

CVSS Score

5.8

MEDIUM

AV:N/AC:M/Au:N/C:P/I:P/A:N

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Oracle	Jrockit	r27.8.1
Canonical	Ubuntu Linux	10.04
Juniper	Junos Space	< 15.1
Oracle	Jdk	1.5.0
Oracle	Jre	1.5.0
Debian	Debian Linux	6.0

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698Third Party Advisory
http://marc.info/?l=bugtraq&m=140852886808946&w=2Issue TrackingMailing ListThird Party Advisory
http://marc.info/?l=bugtraq&m=140852974709252&w=2Issue TrackingMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0675.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0685.htmlThird Party Advisory
http://secunia.com/advisories/58415Third Party Advisory
http://secunia.com/advisories/59022Third Party Advisory
http://secunia.com/advisories/59023Third Party Advisory
http://secunia.com/advisories/59058Third Party Advisory
http://secunia.com/advisories/59071Third Party Advisory
http://secunia.com/advisories/59082Third Party Advisory
http://secunia.com/advisories/59250Third Party Advisory
http://secunia.com/advisories/59255Third Party Advisory
http://secunia.com/advisories/59307Third Party Advisory
http://secunia.com/advisories/59436Third Party Advisory

FAQ

What is CVE-2014-0460?

CVE-2014-0460 is a vulnerability with a CVSS score of 5.8 (MEDIUM). Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality and integrity via vector...

How severe is CVE-2014-0460?

CVE-2014-0460 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2014-0460?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Jrockit, Canonical Ubuntu Linux, Juniper Junos Space, Oracle Jdk, Oracle Jre.