Vulnerability Details : CVE-2014-4225
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Patch installation scripts.
Exploit prediction scoring system (EPSS) score for CVE-2014-4225
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 11 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-4225
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
References for CVE-2014-4225
-
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
VMSA-2014-0012.1
-
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Oracle Critical Patch Update - July 2014Vendor Advisory
-
http://seclists.org/fulldisclosure/2014/Dec/23
Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/94608
Oracle Solaris Patch installation scripts unspecified CVE-2014-4225 Vulnerability Report
-
http://www.securityfocus.com/archive/1/534161/100/0/threaded
SecurityFocus
-
http://www.securityfocus.com/bid/68566
Oracle Solaris CVE-2014-4225 Local Security Vulnerability
-
http://www.securitytracker.com/id/1030588
Solaris Bugs Let Local Users Gain Elevated Privileges and Deny Service - SecurityTracker
Products affected by CVE-2014-4225
- cpe:2.3:o:sun:sunos:5.10:*:*:*:*:*:*:*