PT-2014-1635 · Oracle+4 · Java Se+5

Published

2014-10-14

Updated

2022-05-13

CVE-2014-4288

CVSS v2.0

7.6

High

Vector

AV:N/AC:H/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Java SE (affected versions not specified)

Description The issue allows a remote attacker to compromise the confidentiality, integrity, and availability of data using the Deployment subcomponent. It is part of Oracle's October 2014 Critical Patch Update and also involves the POODLE SSLv3 vulnerability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-17

Related Identifiers

BDU:2015-00553

CVE-2014-4288

HPSBUX03218

RHSA-2014:1657

RHSA-2014:1658

RHSA-2014:1876

RHSA-2014:1877

RHSA-2014:1880

RHSA-2014:1882

RHSA-2014_1657

RHSA-2014_1658

RHSA-2014_1877

RHSA-2014_1880

RHSA-2014_1882

RHSA-2015:0264

SUSE-SU-2014_1392-1

Affected Products

Hp-Ux

Ibm Aix

Java Platform

Java Se

Red Hat

Suse

PT-2014-1635 · Oracle+4 · Java Se+5

CVE-2014-4288

Weakness Enumeration

Related Identifiers

Affected Products

References · 142