PT-2014-1241 · Oracle+4 · Java Se Embedded+6

Publicado

2014-04-15

·

Atualizado

2022-05-13

·

CVE-2014-2428

CVSS v2.0

7.6

Alta

VetorAV:N/AC:H/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 6u71 through 8 Java SE Embedded version 7u51
Description The issue allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. This can be exploited by remote attackers to disrupt the confidentiality, integrity, and availability of data.
Recommendations For Oracle Java SE versions 6u71 through 8, update to a version that is not affected by this issue. For Java SE Embedded version 7u51, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to the Deployment component until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-461

Identificadores relacionados

BDU:2014-00449
BDU:2014-00450
CVE-2014-2428
HPSBUX03091
HPSBUX03092
RHSA-2014:0412
RHSA-2014:0413
RHSA-2014:0414
RHSA-2014:0486
RHSA-2014:0508
RHSA-2014:0705
RHSA-2014:0982
RHSA-2014_0412
RHSA-2014_0413
RHSA-2014_0414
RHSA-2014_0486
RHSA-2014_0508
RHSA-2014_0705

Produtos afetados

Hp-Ux
Ibm Aix
Java Platform
Java Se
Java Se Embedded
Red Hat
Suse