CVE-2014-4266 : Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors

Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Serviceability.

Published 2014-07-17 11:17:11

Updated 2022-05-13 14:57:17

Source Oracle

View at NVD, CVE.org

Threat overview for CVE-2014-4266

Top countries where our scanners detected CVE-2014-4266

Top open port discovered on systems with this issue 80

IPs affected by CVE-2014-4266 197

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2014-4266!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2014-4266

Probability of exploitation activity in the next 30 days: 0.93%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 83 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2014-4266

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2014-4266

http://secunia.com/advisories/60817

Sign in

CVEs referencing this url
http://www-01.ibm.com/support/docview.wss?uid=swg21686383

IBM notice: The page you requested cannot be displayed

CVEs referencing this url
http://www.securitytracker.com/id/1030577

Oracle Java SE Multiple Flaws Let Remote Users Execute Arbitrary Code, Access and Modify Data, and Deny Service - SecurityTracker

CVEs referencing this url
http://www.debian.org/security/2014/dsa-2980

Debian -- Security Information -- DSA-2980-1 openjdk-6

CVEs referencing this url
http://www.vmware.com/security/advisories/VMSA-2014-0012.html

VMSA-2014-0012.1

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2014:0902

RHSA-2014:0902 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www-01.ibm.com/support/docview.wss?uid=swg21686824

IBM Security Bulletin: IBM Notes and Domino - Multiple vulnerabilities in IBM Java (Oracle July 2014 Critical Patch Update)

CVEs referencing this url
http://www-01.ibm.com/support/docview.wss?uid=swg21680334

IBM Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition

CVEs referencing this url
http://www.securityfocus.com/bid/68596

Oracle Java SE CVE-2014-4266 Remote Security Vulnerability
http://marc.info/?l=bugtraq&m=140852886808946&w=2

'[security bulletin] HPSBUX03091 SSRT101667 rev.1 - HP-UX running Java7, Remote Unauthorized Access, ' - MARC

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Oracle Critical Patch Update - July 2014
Vendor Advisory

CVEs referencing this url
http://secunia.com/advisories/60129

Sign in

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html

[security-announce] SUSE-SU-2015:0344-1: important: Security update for

CVEs referencing this url
http://security.gentoo.org/glsa/glsa-201502-12.xml

Oracle JRE/JDK: Multiple vulnerabilities (GLSA 201502-12) — Gentoo security

CVEs referencing this url
http://secunia.com/advisories/59924

Sign in

CVEs referencing this url
http://secunia.com/advisories/59680

Sign in

CVEs referencing this url
http://seclists.org/fulldisclosure/2014/Dec/23

Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities

CVEs referencing this url
http://secunia.com/advisories/60622

Sign in

CVEs referencing this url
http://www.debian.org/security/2014/dsa-2987

Debian -- Security Information -- DSA-2987-1 openjdk-7

CVEs referencing this url
http://secunia.com/advisories/60485

Sign in

CVEs referencing this url
https://exchange.xforce.ibmcloud.com/vulnerabilities/94601

Oracle Java SE Serviceability unspecified CVE-2014-4266 Vulnerability Report
http://secunia.com/advisories/59987

Sign in

CVEs referencing this url
http://www.securityfocus.com/archive/1/534161/100/0/threaded

SecurityFocus

CVEs referencing this url
http://secunia.com/advisories/60812

Sign in

CVEs referencing this url

Products affected by CVE-2014-4266

Oracle » JDK » Version: 1.7.0 Update Update60
cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.8.0 Update Update5
cpe:2.3:a:oracle:jdk:1.8.0:update5:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update60
cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.8.0 Update Update5
cpe:2.3:a:oracle:jre:1.8.0:update5:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2014-4266

Threat overview for CVE-2014-4266

Exploit prediction scoring system (EPSS) score for CVE-2014-4266

CVSS scores for CVE-2014-4266

References for CVE-2014-4266

Products affected by CVE-2014-4266