Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-0411

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 15 янв. 2014
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: medium
EPSS Низкий
CVSS2: 4

ОписаниС

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

not-affected

6b30-1.13.1-1ubuntu1
lucid

released

6b30-1.13.1-1ubuntu2~0.10.04.1
precise

released

6b30-1.13.1-1ubuntu2~0.12.04.1
quantal

released

6b30-1.13.1-1ubuntu2~0.12.10.1
raring

ignored

end of life, was deferred
saucy

released

6b30-1.13.1-1ubuntu2~0.13.10.1
upstream

needs-triage

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
devel

not-affected

7u51-2.4.4-1ubuntu1
lucid

DNE

precise

released

7u51-2.4.4-0ubuntu0.12.04.2
quantal

released

7u51-2.4.4-0ubuntu0.12.10.2
raring

released

7u51-2.4.4-0ubuntu0.13.04.2
saucy

released

7u51-2.4.4-0ubuntu0.13.10.1
upstream

released

7u51-2.4.4-1

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 82%
0.01675
Низкий

4 Medium

CVSS2

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-0411

redhat
ΠΏΠΎΡ‡Ρ‚ΠΈ 12 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-0411

nvd
ΠΏΠΎΡ‡Ρ‚ΠΈ 12 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2014-0411

debian
ΠΏΠΎΡ‡Ρ‚ΠΈ 12 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JR ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-mqjj-vv82-vh6r

github
большС 3 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2014-00433

fstec
ΠΏΠΎΡ‡Ρ‚ΠΈ 12 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ срСдства Ρ€Π°Π·Ρ€Π°Π±ΠΎΡ‚ΠΊΠΈ ΠΏΡ€ΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ Java Development Kit, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡŽΡ‰Π°Ρ ΡƒΠ΄Π°Π»Π΅Π½Π½ΠΎΠΌΡƒ Π·Π»ΠΎΡƒΠΌΡ‹ΡˆΠ»Π΅Π½Π½ΠΈΠΊΡƒ Π½Π°Ρ€ΡƒΡˆΠΈΡ‚ΡŒ ΠΊΠΎΠ½Ρ„ΠΈΠ΄Π΅Π½Ρ†ΠΈΠ°Π»ΡŒΠ½ΠΎΡΡ‚ΡŒ ΠΈ Ρ†Π΅Π»ΠΎΡΡ‚Π½ΠΎΡΡ‚ΡŒ Π΄Π°Π½Π½Ρ‹Ρ…

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 82%
0.01675
Низкий

4 Medium

CVSS2

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2014-0411