漏洞信息详情
Oracle Java SE和JRockit 安全漏洞
- CNNVD编号:CNNVD-201407-458
- 危害等级: 中危
- CVE编号: CVE-2014-4263
- 漏洞类型: 其他
- 发布时间: 2014-07-21
- 威胁类型: 远程
- 更新时间: 2020-10-23
- 厂 商: oracle
- 漏洞来源:
漏洞简介
Oracle Java SE和JRockit都是美国甲骨文(Oracle)公司的产品。Java SE(Java 平台标准版)用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。JRockit是一款内置于Oracle融合中间件中的Java虚拟机。
Oracle Java SE的Oracle Java SE和JRockit组件中的Security子组件存在安全漏洞。远程攻击者可利用该漏洞读取、更新、插入或删除数据,影响数据的保密性和完整性。以下产品及版本受到影响:Oracle Java SE 5.0u65,6u75,7u60,8u5;JRockit R27.8.2,R28.3.2。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.HTML
参考网址
来源:BUGTRAQ
链接:http://www.securityfocus.com/archive/1/534161/100/0/threaded
来源:CONFIRM
链接:https://www.ibm.com/support/docview.wss?uid=swg21681644
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21680334
来源:REDHAT
链接:http://rhn.redhat.com/errata/RHSA-2015-0264.HTML
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21683484
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21688893
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2014:0902
来源:REDHAT
链接:https://access.redhat.com/errata/RHSA-2014:0908
来源:SECUNIA
链接:http://secunia.com/advisories/60245
来源:HP
链接:http://marc.info/?l=bugtraq&m=140852886808946&w=2
来源:SECUNIA
链接:http://secunia.com/advisories/60846
来源:SECUNIA
链接:http://secunia.com/advisories/61577
来源:SECUNIA
链接:http://secunia.com/advisories/60129
来源:SECUNIA
链接:http://secunia.com/advisories/61215
来源:SECUNIA
链接:http://secunia.com/advisories/60326
来源:HP
链接:http://marc.info/?l=bugtraq&m=140852974709252&w=2
来源:SECUNIA
链接:http://secunia.com/advisories/61254
来源:SECUNIA
链接:http://secunia.com/advisories/60002
来源:SECUNIA
链接:http://secunia.com/advisories/61293
来源:SECUNIA
链接:http://secunia.com/advisories/60485
来源:SECUNIA
链接:http://secunia.com/advisories/61294
来源:CONFIRM
链接:https://kc.mcafee.com/corporate/index?page=content&id=SB10083
来源:SECUNIA
链接:http://secunia.com/advisories/60180
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21683338
来源:SECUNIA
链接:http://secunia.com/advisories/60817
来源:XF
链接:https://exchange.xforce.ibmcloud.com/vulnerabilities/94606
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21689593
来源:FULLDISC
链接:http://seclists.org/fulldisclosure/2014/Dec/23
来源:SECUNIA
链接:http://secunia.com/advisories/59985
来源:SECUNIA
链接:http://secunia.com/advisories/60335
来源:GENTOO
链接:http://security.gentoo.org/glsa/glsa-201502-12.xml
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.HTML
来源:SECUNIA
链接:http://secunia.com/advisories/59503
来源:SECUNIA
链接:http://secunia.com/advisories/59987
来源:SECUNIA
链接:http://secunia.com/advisories/62319
来源:SECUNIA
链接:http://secunia.com/advisories/59986
来源:SECUNIA
链接:http://secunia.com/advisories/60812
来源:SECUNIA
链接:http://secunia.com/advisories/62314
来源:CONFIRM
链接:https://www.vmware.com/security/advisories/VMSA-2014-0012.HTML
来源:SECUNIA
链接:http://secunia.com/advisories/61469
来源:SECUNIA
链接:http://secunia.com/advisories/61264
来源:SECUNIA
链接:http://secunia.com/advisories/60497
来源:SECUNIA
链接:http://secunia.com/advisories/60890
来源:SECUNIA
链接:http://secunia.com/advisories/59680
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21685122
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21685121
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21685242
来源:SECUNIA
链接:http://secunia.com/advisories/60622
来源:BID
链接:https://www.securityfocus.com/bid/68636
来源:DEBIAN
链接:https://www.debian.org/security/2014/dsa-2980
来源:CONFIRM
链接:http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.HTML
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21681966
来源:SECUNIA
链接:http://secunia.com/advisories/61278
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21683429
来源:CONFIRM
链接:https://www.ibm.com/support/docview.wss?uid=swg21680418
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21691089
来源:DEBIAN
链接:https://www.debian.org/security/2014/dsa-2987
来源:SECUNIA
链接:http://secunia.com/advisories/60081
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21686824
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21681379
来源:SECTRACK
链接:http://www.securitytracker.com/id/1030577
来源:SECUNIA
链接:http://secunia.com/advisories/60839
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21686383
来源:CONFIRM
链接:http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21686142
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21685178
来源:SECUNIA
链接:http://secunia.com/advisories/58830
来源:SECUNIA
链接:http://secunia.com/advisories/60831
来源:SECUNIA
链接:http://secunia.com/advisories/59404
来源:SECUNIA
链接:http://secunia.com/advisories/61846
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.HTML
来源:SECUNIA
链接:http://secunia.com/advisories/60317
来源:SUSE
链接:http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.HTML
来源:SECUNIA
链接:http://secunia.com/advisories/59924
来源:SECUNIA
链接:http://secunia.com/advisories/60031
来源:CONFIRM
链接:http://www-01.ibm.com/support/docview.wss?uid=swg21683438
来源:SECUNIA
链接:http://secunia.com/advisories/61640
来源:CONFIRM
链接:https://www.ibm.com/support/docview.wss?uid=swg21683518
来源:SECUNIA
链接:http://secunia.com/advisories/60032
受影响实体
- Oracle Jre:1.7.0:Update_60
- Oracle Jre:1.8.0:Update_5
- Oracle Jre:1.6.0:Update_75
- Oracle Jre:1.5.0:Update_65
- Oracle Jdk:1.8.0:Update_5
补丁
- jdk-7u65-linux-x64
- jdk-8-windows-x64
- jdk-7u65-macosx-x64
- jdk-8u11-linux-x64
- jdk-7u65-windows-x64
评论