Vulnerability Name:

CVE-2014-4208 (CCN-94607)

Assigned: 2014-07-15
Published: 2014-07-15
Updated: 2022-05-13
Summary: Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4220.
CVSS v3 Severity: 3.7 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:
Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:
Scope (S): Unchanged
Impact Metrics:
Confidentiality (C): None
Integrity (I): Low
Availability (A): None
CVSS v2 Severity: 2.6 Low (CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
1.9 Low (Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:
Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
2.6 Low (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
1.9 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:
Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
2.6 Low (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N)
1.9 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:
Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:
Confidentiality (C): None
Integrity (I): Partial
Availability (A): None
Vulnerability Type: CWE-noinfo
Vulnerability Consequences: Other
References:
Source: MITRE
Type: CNA
CVE-2014-4208

Source: SUSE
Type: UNKNOWN
SUSE-SU-2015:0344

Source: HP
Type: UNKNOWN
HPSBUX03091

Source: CCN
Type: RHSA-2014-1041
Critical: java-1.7.0-ibm security update

Source: CCN
Type: RHSA-2014-1042
Critical: java-1.7.1-ibm security update

Source: FULLDISC
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: SECUNIA
Type: UNKNOWN
59680

Source: SECUNIA
Type: UNKNOWN
59924

Source: SECUNIA
Type: UNKNOWN
59987

Source: SECUNIA
Type: UNKNOWN
60081

Source: SECUNIA
Type: UNKNOWN
60317

Source: SECUNIA
Type: UNKNOWN
60622

Source: SECUNIA
Type: UNKNOWN
60817

Source: SECUNIA
Type: UNKNOWN
61293

Source: SECUNIA
Type: UNKNOWN
61577

Source: SECUNIA
Type: UNKNOWN
61640

Source: GENTOO
Type: UNKNOWN
GLSA-201502-12

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21680334

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21686142

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21686383

Source: CONFIRM
Type: UNKNOWN
http://www-01.ibm.com/support/docview.wss?uid=swg21686824

Source: CCN
Type: IBM Security Bulletin 1020258
Multiple vulnerabilities in the IBM SDK Java Technology for IBM i

Source: CCN
Type: IBM Security Bulletin 1680333
Multiple vulnerabilities in current releases of the IBM WebSphere Real Time

Source: CCN
Type: IBM Security Bulletin 1680334
Multiple vulnerabilities in current releases of the IBM SDK, Java Technology Edition

Source: CCN
Type: IBM Security Bulletin 1682038
Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime, affect IBM Endpoint Manager for Remote Control

Source: CCN
Type: IBM Security Bulletin 1682102
Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime, affect Tivoli Endpoint Manager for Remote Control

Source: CCN
Type: IBM Security Bulletin 1685312
IBM Tivoli Composite Application Manager for Transactions affected by multiple vulnerabilities in IBM JRE (Multiple CVEs)

Source: CCN
Type: IBM Security Bulletin 1685333
Multiple vulnerabilities in IBM Java SDK affect Asset and Service Management

Source: CCN
Type: IBM Security Bulletin 1685866
Vulnerabilities in IBM Tivoli System Automation for Integrated Operations Management (Several CVE's)

Source: CCN
Type: IBM Security Bulletin 1686142
Content Manager Enterprise Edition with use of IBM SDK Java Technology Edition (CVE-2014-4263, CVE-2014-4244, CVE-2014-4208)

Source: CCN
Type: IBM Security Bulletin 1686194
Multiple vulnerabilities in IBM Java Runtime affect IBM Tivoli Application Dependency Discovery Manager (TADDM) (CVE-2014-4227, CVE-2014-4262, CVE-2014-4219, CVE-2014-4209, CVE-2014-4220, CVE-2014-4268, CVE-2014-4218, CVE-2014-4252, C

Source: CCN
Type: IBM Security Bulletin 1686383
CICS Transaction Gateway for Multiplatforms

Source: CCN
Type: IBM Security Bulletin 1686824
IBM Notes and Domino - Multiple vulnerabilities in IBM Java (Oracle July 2014 Critical Patch Update)

Source: CCN
Type: IBM Security Bulletin 1687297
Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM SDK, Java Technology Edition

Source: CCN
Type: IBM Security Bulletin 1688312
Multiple vulnerabilities in IBM Java Runtime affect IBM Cognos Business Viewpoint (CVE-2014-3086, CVE-2014-4227, CVE-2014-4262, CVE-2014-4220, CVE-2014-4218, CVE-2014-4252, CVE-2014-4265, CVE-2014-4221, CVE-2014-4263, CVE-2014-4244)

Source: CCN
Type: IBM Security Bulletin 1688343
IBM Smart Analytics System 5600 is affected by multiple vulnerabilities in the IBM SDK Java Technology Edition, Version 6

Source: CCN
Type: IBM Security Bulletin 1694020
Vulnerability fixes for Rational Lifecycle Integration Adapter for HP ALM (CVE-2014-3065, CVE-2014-3566, CVE-2014-6457, CVE-2014-4208, CVE-2014-2490, CVE-2014-4263)

Source: CCN
Type: Oracle Critical Patch Update Advisory - July 2014
Oracle Critical Patch Update Advisory - July 2014

Source: CONFIRM
Type: Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: BUGTRAQ
Type: UNKNOWN
20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

Source: BID
Type: UNKNOWN
68580

Source: CCN
Type: BID-68580
Oracle Java SE CVE-2014-4208 Remote Security Vulnerability

Source: SECTRACK
Type: UNKNOWN
1030577

Source: CONFIRM
Type: UNKNOWN
http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: REDHAT
Type: UNKNOWN
RHSA-2014:0902

Source: XF
Type: UNKNOWN
oracle-cpujul2014-cve20144208(94607)

Source: CCN
Type: IBM Security Bulletin 5097375
SSLv3 Vulnerability and multiple vulnerabilities in OpenSSL and IBM Java SDK affect IBM Systems Director Storage Control.

Vulnerable Configuration:
Configuration 1:
  • cpe:/a:oracle:jdk:1.8.0:update5:*:*:*:*:*:*
  • OR cpe:/a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*
  • OR cpe:/a:oracle:jre:1.8.0:update5:*:*:*:*:*:*
  • OR cpe:/a:oracle:jre:1.7.0:update60:*:*:*:*:*:*

Configuration RedHat 1:
  • cpe:/a:redhat:rhel_extras_oracle_java:5:*:*:*:*:*:*:*

Configuration RedHat 2:
  • cpe:/a:redhat:rhel_extras_oracle_java:6:*:*:*:*:*:*:*

Configuration RedHat 3:
  • cpe:/a:redhat:rhel_extras_oracle_java:7:*:*:*:*:*:*:*

* Denotes that component is vulnerable

Oval Definitions:

| Definition ID | Class | Title | Last Modified |
|---|---|---|---|
| oval:org.opensuse.security:def:20144208 | V | CVE-2014-4208 | 2022-05-20 |
| oval:com.redhat.rhsa:def:20140902 | P | RHSA-2014:0902: java-1.7.0-oracle security update (Critical) | 2017-12-15 |
| oval:org.mitre.oval:def:26213 | V | HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities | 2015-04-20 |
| oval:org.mitre.oval:def:24729 | V | Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity (CVE-2014-4208) | 2014-12-01 |
| oval:org.mitre.oval:def:26705 | P | SUSE-SU-2014:1037-1 -- Security update for IBM Java 1.7.0 | 2014-10-27 |
| oval:org.mitre.oval:def:26182 | P | SUSE-SU-2014:0961-1 -- Security update for openjdk | 2014-10-13 |
| oval:org.mitre.oval:def:26042 | P | RHSA-2014:1041: java-1.7.0-ibm security update (Critical) | 2014-10-13 |
| oval:org.mitre.oval:def:25312 | P | RHSA-2014:0902: java-1.7.0-oracle security update (Critical) | 2014-09-08 |
| oval:com.redhat.rhsa:def:20141041 | P | RHSA-2014:1041: java-1.7.0-ibm security update (Critical) | 2014-08-11 |
| oval:com.ubuntu.precise:def:20144208000 | V | CVE-2014-4208 on Ubuntu 12.04 LTS (precise) - medium. | 2014-07-17 |
| oval:com.ubuntu.trusty:def:20144208000 | V | CVE-2014-4208 on Ubuntu 14.04 LTS (trusty) - medium. | 2014-07-17 |

    oracle jdk 1.8.0 update5
    oracle jdk 1.7.0 update60
    oracle jre 1.8.0 update5
    oracle jre 1.7.0 update60