CVE-2014-6492

Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVSS v2.0 7.6 HIGH

7.6^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 4.9 / Impact : 10.0

Access Vector NETWORK

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
http://marc.info/?l=bugtraq&m=141775382904016&w=2
http://rhn.redhat.com/errata/RHSA-2014-1657.html
http://rhn.redhat.com/errata/RHSA-2014-1658.html
http://rhn.redhat.com/errata/RHSA-2014-1876.html
http://rhn.redhat.com/errata/RHSA-2014-1877.html
http://rhn.redhat.com/errata/RHSA-2014-1880.html
http://rhn.redhat.com/errata/RHSA-2014-1882.html
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://secunia.com/advisories/61163
http://secunia.com/advisories/61164
http://secunia.com/advisories/61609
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www-01.ibm.com/support/docview.wss?uid=swg21688283
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/70456

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:oracle:jdk:1.6.0:update81::::::
	cpe:2.3:a:oracle:jdk:1.8.0:update20::::::
	cpe:2.3:a:oracle:jre:1.6.0:update_81::::::
	cpe:2.3:a:oracle:jre:1.7.0:update_67::::::
	cpe:2.3:a:oracle:jre:1.8.0:update_20::::::

cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2014-10-15 22:55

Updated : 2022-05-13 14:35

NVD link : CVE-2014-6492

Mitre link : CVE-2014-6492

CVE.ORG link : CVE-2014-6492

JSON object : View

Products Affected

oracle

jre
jdk

mozilla

firefox

CWE

NVD-CWE-noinfo

{"id": "CVE-2014-6492", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.6, "accessVector": "NETWORK", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 4.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-10-15T22:55:05.887", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00021.html", "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00002.html", "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html", "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00027.html", "source": "secalert_us@oracle.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html", "source": "secalert_us@oracle.com"}, {"url": "http://marc.info/?l=bugtraq&m=141775382904016&w=2", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1657.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1658.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1876.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1877.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1880.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-1882.html", "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0264.html", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61163", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61164", "source": "secalert_us@oracle.com"}, {"url": "http://secunia.com/advisories/61609", "source": "secalert_us@oracle.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201502-12.xml", "source": "secalert_us@oracle.com"}, {"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21688283", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html", "tags": ["Patch", "Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/70456", "source": "secalert_us@oracle.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en Oracle Java SE 6u81, 7u67, y 8u20, cuando se ejecuta Firefox, permite a atacantes remotos afectar a la confidencialidad, la integridad, la disponibilidad a trav\u00e9s de vectores desconocidos relacionados con Deployment."}], "lastModified": "2022-05-13T14:35:35.163", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update81:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A96B7B6D-890C-4CAF-A273-01E17D3FDBBA"}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F19BFEB-7202-4156-893E-576486FCCA63"}, {"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_81:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6D7DEDD2-FEF2-4FEC-B9BF-C1C3FA247A02"}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_67:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE789D26-302F-44CF-AF63-EA0BA73E49E9"}, {"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_20:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D776872E-A50A-498D-A68B-84DD910ED429"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "97D4FFCF-5309-43B6-9FD5-680C6D535A7F"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "secalert_us@oracle.com"}