CVE-2014-4263

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 UNKNOWN
NETWORK
HIGH
AV:N/AC:H/Au:N/C:P/I:P/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
oraclejrockit
r27.8.2
oraclejrockit
r28.3.2
oraclejdk
1.5.0
oraclejdk
1.6.0
oraclejdk
1.7.0
oraclejdk
1.8.0
oraclejre
1.5.0
oraclejre
1.6.0
oraclejre
1.7.0
oraclejre
1.8.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openjdk-6
lucid
Fixed 6b32-1.13.4-1ubuntu1~0.10.04.1
released
precise
Fixed 6b32-1.13.4-1ubuntu1~0.12.04.1
released
trusty
Fixed 6b32-1.13.4-4ubuntu0.14.04.1
released
openjdk-6b18
lucid
ignored
precise
dne
trusty
dne
openjdk-7
lucid
dne
precise
Fixed 7u65-2.5.1-4ubuntu1~0.12.04.1
released
trusty
Fixed 7u65-2.5.1-1ubuntu1~0.14.04.1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
java-1_7_0-openjdk
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-demo
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-devel
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-headless
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12 SP2
1.7.0.111-33.1
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.5.0-ibm
RHEL 6
1:1.5.0.16.7-1jpp.1.el6_5
fixed
java-1.5.0-ibm-demo
RHEL 6
1:1.5.0.16.7-1jpp.1.el6_5
fixed
java-1.5.0-ibm-devel
RHEL 6
1:1.5.0.16.7-1jpp.1.el6_5
fixed
java-1.5.0-ibm-javacomm
RHEL 6
1:1.5.0.16.7-1jpp.1.el6_5
fixed
java-1.5.0-ibm-jdbc
RHEL 6
1:1.5.0.16.7-1jpp.1.el6_5
fixed
java-1.5.0-ibm-plugin
RHEL 6
1:1.5.0.16.7-1jpp.1.el6_5
fixed
java-1.5.0-ibm-src
RHEL 6
1:1.5.0.16.7-1jpp.1.el6_5
fixed
java-1.6.0-ibm
RHEL 6
1:1.6.0.16.1-1jpp.1.el6_5
fixed
java-1.6.0-ibm-demo
RHEL 6
1:1.6.0.16.1-1jpp.1.el6_5
fixed
java-1.6.0-ibm-devel
RHEL 6
1:1.6.0.16.1-1jpp.1.el6_5
fixed
java-1.6.0-ibm-javacomm
RHEL 6
1:1.6.0.16.1-1jpp.1.el6_5
fixed
java-1.6.0-ibm-jdbc
RHEL 6
1:1.6.0.16.1-1jpp.1.el6_5
fixed
java-1.6.0-ibm-plugin
RHEL 6
1:1.6.0.16.1-1jpp.1.el6_5
fixed
java-1.6.0-ibm-src
RHEL 6
1:1.6.0.16.1-1jpp.1.el6_5
fixed
java-1.6.0-openjdk
RHEL 6
1:1.6.0.0-6.1.13.4.el6_5
fixed
RHEL 7
1:1.6.0.0-6.1.13.4.el7_0
fixed
java-1.6.0-openjdk-demo
RHEL 6
1:1.6.0.0-6.1.13.4.el6_5
fixed
RHEL 7
1:1.6.0.0-6.1.13.4.el7_0
fixed
java-1.6.0-openjdk-devel
RHEL 6
1:1.6.0.0-6.1.13.4.el6_5
fixed
RHEL 7
1:1.6.0.0-6.1.13.4.el7_0
fixed
java-1.6.0-openjdk-javadoc
RHEL 6
1:1.6.0.0-6.1.13.4.el6_5
fixed
RHEL 7
1:1.6.0.0-6.1.13.4.el7_0
fixed
java-1.6.0-openjdk-src
RHEL 6
1:1.6.0.0-6.1.13.4.el6_5
fixed
RHEL 7
1:1.6.0.0-6.1.13.4.el7_0
fixed
java-1.7.0-ibm
RHEL 6
1:1.7.0.7.1-1jpp.1.el6_5
fixed
java-1.7.0-ibm-demo
RHEL 6
1:1.7.0.7.1-1jpp.1.el6_5
fixed
java-1.7.0-ibm-devel
RHEL 6
1:1.7.0.7.1-1jpp.1.el6_5
fixed
java-1.7.0-ibm-jdbc
RHEL 6
1:1.7.0.7.1-1jpp.1.el6_5
fixed
java-1.7.0-ibm-plugin
RHEL 6
1:1.7.0.7.1-1jpp.1.el6_5
fixed
java-1.7.0-ibm-src
RHEL 6
1:1.7.0.7.1-1jpp.1.el6_5
fixed
java-1.7.0-openjdk
RHEL 6
1:1.7.0.65-2.5.1.2.el6_5
fixed
RHEL 7
1:1.7.0.65-2.5.1.2.el7_0
fixed
java-1.7.0-openjdk-accessibility
RHEL 7
1:1.7.0.65-2.5.1.2.el7_0
fixed
java-1.7.0-openjdk-demo
RHEL 6
1:1.7.0.65-2.5.1.2.el6_5
fixed
RHEL 7
1:1.7.0.65-2.5.1.2.el7_0
fixed
java-1.7.0-openjdk-devel
RHEL 6
1:1.7.0.65-2.5.1.2.el6_5
fixed
RHEL 7
1:1.7.0.65-2.5.1.2.el7_0
fixed
java-1.7.0-openjdk-headless
RHEL 7
1:1.7.0.65-2.5.1.2.el7_0
fixed
java-1.7.0-openjdk-javadoc
RHEL 6
1:1.7.0.65-2.5.1.2.el6_5
fixed
RHEL 7
1:1.7.0.65-2.5.1.2.el7_0
fixed
java-1.7.0-openjdk-src
RHEL 6
1:1.7.0.65-2.5.1.2.el6_5
fixed
RHEL 7
1:1.7.0.65-2.5.1.2.el7_0
fixed
java-1.7.1-ibm
RHEL 7
1:1.7.1.1.1-1jpp.1.el7_0
fixed
java-1.7.1-ibm-demo
RHEL 7
1:1.7.1.1.1-1jpp.1.el7_0
fixed
java-1.7.1-ibm-devel
RHEL 7
1:1.7.1.1.1-1jpp.1.el7_0
fixed
java-1.7.1-ibm-jdbc
RHEL 7
1:1.7.1.1.1-1jpp.1.el7_0
fixed
java-1.7.1-ibm-plugin
RHEL 7
1:1.7.1.1.1-1jpp.1.el7_0
fixed
java-1.7.1-ibm-src
RHEL 7
1:1.7.1.1.1-1jpp.1.el7_0
fixed
References
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://marc.info/?l=bugtraq&m=140852974709252&w=2
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://secunia.com/advisories/58830
http://secunia.com/advisories/59404
http://secunia.com/advisories/59503
http://secunia.com/advisories/59680
http://secunia.com/advisories/59924
http://secunia.com/advisories/59985
http://secunia.com/advisories/59986
http://secunia.com/advisories/59987
http://secunia.com/advisories/60002
http://secunia.com/advisories/60031
http://secunia.com/advisories/60032
http://secunia.com/advisories/60081
http://secunia.com/advisories/60129
http://secunia.com/advisories/60180
http://secunia.com/advisories/60245
http://secunia.com/advisories/60317
http://secunia.com/advisories/60326
http://secunia.com/advisories/60335
http://secunia.com/advisories/60485
http://secunia.com/advisories/60497
http://secunia.com/advisories/60622
http://secunia.com/advisories/60812
http://secunia.com/advisories/60817
http://secunia.com/advisories/60831
http://secunia.com/advisories/60839
http://secunia.com/advisories/60846
http://secunia.com/advisories/60890
http://secunia.com/advisories/61215
http://secunia.com/advisories/61254
http://secunia.com/advisories/61264
http://secunia.com/advisories/61278
http://secunia.com/advisories/61293
http://secunia.com/advisories/61294
http://secunia.com/advisories/61469
http://secunia.com/advisories/61577
http://secunia.com/advisories/61640
http://secunia.com/advisories/61846
http://secunia.com/advisories/62314
http://secunia.com/advisories/62319
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www-01.ibm.com/support/docview.wss?uid=swg21680334
http://www-01.ibm.com/support/docview.wss?uid=swg21681379
http://www-01.ibm.com/support/docview.wss?uid=swg21681966
http://www-01.ibm.com/support/docview.wss?uid=swg21683338
http://www-01.ibm.com/support/docview.wss?uid=swg21683429
http://www-01.ibm.com/support/docview.wss?uid=swg21683438
http://www-01.ibm.com/support/docview.wss?uid=swg21683484
http://www-01.ibm.com/support/docview.wss?uid=swg21685121
http://www-01.ibm.com/support/docview.wss?uid=swg21685122
http://www-01.ibm.com/support/docview.wss?uid=swg21685178
http://www-01.ibm.com/support/docview.wss?uid=swg21685242
http://www-01.ibm.com/support/docview.wss?uid=swg21686142
http://www-01.ibm.com/support/docview.wss?uid=swg21686383
http://www-01.ibm.com/support/docview.wss?uid=swg21686824
http://www-01.ibm.com/support/docview.wss?uid=swg21688893
http://www-01.ibm.com/support/docview.wss?uid=swg21689593
http://www-01.ibm.com/support/docview.wss?uid=swg21691089
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529
http://www.debian.org/security/2014/dsa-2980
http://www.debian.org/security/2014/dsa-2987
http://www.ibm.com/support/docview.wss?uid=swg21681644
http://www.ibm.com/support/docview.wss?uid=swg21683518
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.securityfocus.com/bid/68636
http://www.securitytracker.com/id/1030577
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
https://access.redhat.com/errata/RHSA-2014:0902
https://access.redhat.com/errata/RHSA-2014:0908
https://exchange.xforce.ibmcloud.com/vulnerabilities/94606
https://kc.mcafee.com/corporate/index?page=content&id=SB10083
https://www.ibm.com/support/docview.wss?uid=swg21680418
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://marc.info/?l=bugtraq&m=140852974709252&w=2
http://rhn.redhat.com/errata/RHSA-2015-0264.html
http://seclists.org/fulldisclosure/2014/Dec/23
http://secunia.com/advisories/58830
http://secunia.com/advisories/59404
http://secunia.com/advisories/59503
http://secunia.com/advisories/59680
http://secunia.com/advisories/59924
http://secunia.com/advisories/59985
http://secunia.com/advisories/59986
http://secunia.com/advisories/59987
http://secunia.com/advisories/60002
http://secunia.com/advisories/60031
http://secunia.com/advisories/60032
http://secunia.com/advisories/60081
http://secunia.com/advisories/60129
http://secunia.com/advisories/60180
http://secunia.com/advisories/60245
http://secunia.com/advisories/60317
http://secunia.com/advisories/60326
http://secunia.com/advisories/60335
http://secunia.com/advisories/60485
http://secunia.com/advisories/60497
http://secunia.com/advisories/60622
http://secunia.com/advisories/60812
http://secunia.com/advisories/60817
http://secunia.com/advisories/60831
http://secunia.com/advisories/60839
http://secunia.com/advisories/60846
http://secunia.com/advisories/60890
http://secunia.com/advisories/61215
http://secunia.com/advisories/61254
http://secunia.com/advisories/61264
http://secunia.com/advisories/61278
http://secunia.com/advisories/61293
http://secunia.com/advisories/61294
http://secunia.com/advisories/61469
http://secunia.com/advisories/61577
http://secunia.com/advisories/61640
http://secunia.com/advisories/61846
http://secunia.com/advisories/62314
http://secunia.com/advisories/62319
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www-01.ibm.com/support/docview.wss?uid=swg21680334
http://www-01.ibm.com/support/docview.wss?uid=swg21681379
http://www-01.ibm.com/support/docview.wss?uid=swg21681966
http://www-01.ibm.com/support/docview.wss?uid=swg21683338
http://www-01.ibm.com/support/docview.wss?uid=swg21683429
http://www-01.ibm.com/support/docview.wss?uid=swg21683438
http://www-01.ibm.com/support/docview.wss?uid=swg21683484
http://www-01.ibm.com/support/docview.wss?uid=swg21685121
http://www-01.ibm.com/support/docview.wss?uid=swg21685122
http://www-01.ibm.com/support/docview.wss?uid=swg21685178
http://www-01.ibm.com/support/docview.wss?uid=swg21685242
http://www-01.ibm.com/support/docview.wss?uid=swg21686142
http://www-01.ibm.com/support/docview.wss?uid=swg21686383
http://www-01.ibm.com/support/docview.wss?uid=swg21686824
http://www-01.ibm.com/support/docview.wss?uid=swg21688893
http://www-01.ibm.com/support/docview.wss?uid=swg21689593
http://www-01.ibm.com/support/docview.wss?uid=swg21691089
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529
http://www.debian.org/security/2014/dsa-2980
http://www.debian.org/security/2014/dsa-2987
http://www.ibm.com/support/docview.wss?uid=swg21681644
http://www.ibm.com/support/docview.wss?uid=swg21683518
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.securityfocus.com/bid/68636
http://www.securitytracker.com/id/1030577
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
https://access.redhat.com/errata/RHSA-2014:0902
https://access.redhat.com/errata/RHSA-2014:0908
https://exchange.xforce.ibmcloud.com/vulnerabilities/94606
https://kc.mcafee.com/corporate/index?page=content&id=SB10083
https://www.ibm.com/support/docview.wss?uid=swg21680418