Vulnerability Details : CVE-2014-4263
Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5, and JRockit R27.8.2 and R28.3.2, allows remote attackers to affect confidentiality and integrity via unknown vectors related to "Diffie-Hellman key agreement."
Threat overview for CVE-2014-4263
Top countries where our scanners detected CVE-2014-4263
Top open port discovered on systems with this issue
90
IPs affected by CVE-2014-4263 1,202
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2014-4263!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2014-4263
Probability of exploitation activity in the next 30 days: 0.88%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 82 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-4263
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.0
|
MEDIUM | AV:N/AC:H/Au:N/C:P/I:P/A:N |
4.9
|
4.9
|
NIST |
References for CVE-2014-4263
-
http://secunia.com/advisories/60817
Sign in
-
http://secunia.com/advisories/60002
Sign in
-
http://www-01.ibm.com/support/docview.wss?uid=swg21686383
IBM notice: The page you requested cannot be displayed
-
http://www.securitytracker.com/id/1030577
Oracle Java SE Multiple Flaws Let Remote Users Execute Arbitrary Code, Access and Modify Data, and Deny Service - SecurityTracker
-
https://access.redhat.com/errata/RHSA-2014:0908
RHSA-2014:0908 - Security Advisory - Red Hat Customer Portal
-
http://www.debian.org/security/2014/dsa-2980
Debian -- Security Information -- DSA-2980-1 openjdk-6
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/94606
Oracle Java SE and JRockit Security unspecified CVE-2014-4263 Vulnerability Report
-
http://secunia.com/advisories/60335
Sign in
-
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
VMSA-2014-0012.1
-
https://access.redhat.com/errata/RHSA-2014:0902
RHSA-2014:0902 - Security Advisory - Red Hat Customer Portal
-
http://www-01.ibm.com/support/docview.wss?uid=swg21686824
IBM Security Bulletin: IBM Notes and Domino - Multiple vulnerabilities in IBM Java (Oracle July 2014 Critical Patch Update)
-
http://www-01.ibm.com/support/docview.wss?uid=swg21680334
IBM Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition
-
http://marc.info/?l=bugtraq&m=140852886808946&w=2
'[security bulletin] HPSBUX03091 SSRT101667 rev.1 - HP-UX running Java7, Remote Unauthorized Access, ' - MARC
-
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
Oracle Critical Patch Update - July 2014Vendor Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=swg21688893
IBM notice: The page you requested cannot be displayed
-
http://secunia.com/advisories/60129
Sign in
-
http://www.ibm.com/support/docview.wss?uid=swg21681644
IBM notice: The page you requested cannot be displayed
-
http://www-01.ibm.com/support/docview.wss?uid=swg21683429
IBM notice: The page you requested cannot be displayed
-
http://www-01.ibm.com/support/docview.wss?uid=swg21683338
IBM Security Bulletin: IBM InfoSphere Guardium Database Activity Monitor is affected by: CVE-2014-4263 and CVE-2014-4244
-
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00026.html
[security-announce] SUSE-SU-2015:0344-1: important: Security update for
-
http://security.gentoo.org/glsa/glsa-201502-12.xml
Oracle JRE/JDK: Multiple vulnerabilities (GLSA 201502-12) — Gentoo security
-
http://secunia.com/advisories/60031
Sign in
-
http://www-01.ibm.com/support/docview.wss?uid=swg21689593
IBM Security Bulletin: AppScan Standard can be affected by vulnerability in the current IBM SDK for Java (CVE-2014-0878, CVE-2014-4244, CVE-2014-4263)
-
http://rhn.redhat.com/errata/RHSA-2015-0264.html
RHSA-2015:0264 - Security Advisory - Red Hat Customer Portal
-
http://www-01.ibm.com/support/docview.wss?uid=swg21686142
IBM notice: The page you requested cannot be displayed
-
http://secunia.com/advisories/59924
Sign in
-
http://www-01.ibm.com/support/docview.wss?uid=swg21685178
IBM Security Bulletin: IBM Operational Decision Manager, WebSphere ILOG JRules and WebSphere Business Events: Multiple security vulnerabilities in IBM JRE (CVE-2014-4244,CVE-2014-4263)
-
http://secunia.com/advisories/59680
Sign in
-
http://secunia.com/advisories/59985
Sign in
-
https://www.ibm.com/support/docview.wss?uid=swg21680418
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect WebSphere Application Server July 2014 CPU
-
http://seclists.org/fulldisclosure/2014/Dec/23
Full Disclosure: NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
-
http://secunia.com/advisories/60622
Sign in
-
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
[security-announce] SUSE-SU-2015:0392-1: important: Security update for
-
http://secunia.com/advisories/61264
Sign in
-
http://www.debian.org/security/2014/dsa-2987
Debian -- Security Information -- DSA-2987-1 openjdk-7
-
http://www-01.ibm.com/support/docview.wss?uid=swg21681966
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects IBM InfoSphere Information Server and IBM InfoSphere Data Click (CVE-2014-04263, CVE-2014-4244)
-
http://secunia.com/advisories/60485
Sign in
-
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096529
IBM Systems Director is affected by vulnerability in IBM Java SDK (CVE-2014-4263)
-
http://www-01.ibm.com/support/docview.wss?uid=swg21683438
IBM notice: The page you requested cannot be displayed
-
http://secunia.com/advisories/60839
Sign in
-
http://www-01.ibm.com/support/docview.wss?uid=swg21681379
IBM Security Bulletin: Multiple Vulnerabilities in IBM Java SDK affect IBM Multi-Enterprise Integration Gateway (CVE-2014-4263, CVE-2014-4244)
-
http://marc.info/?l=bugtraq&m=140852974709252&w=2
'[security bulletin] HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized Access, ' - MARC
-
http://www-01.ibm.com/support/docview.wss?uid=swg21683484
IBM notice: The page you requested cannot be displayed
-
http://secunia.com/advisories/59987
Sign in
-
http://www.securityfocus.com/archive/1/534161/100/0/threaded
SecurityFocus
-
http://secunia.com/advisories/60497
Sign in
-
http://secunia.com/advisories/60032
Sign in
-
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00033.html
[security-announce] SUSE-SU-2015:0376-1: important: Security update for
-
http://www.securityfocus.com/bid/68636
Oracle Java SE CVE-2014-4263 Remote Security Vulnerability
-
http://www-01.ibm.com/support/docview.wss?uid=swg21685121
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Performance Tester (CVE-2014-4244, CVE-2014-4263)
-
http://www.ibm.com/support/docview.wss?uid=swg21683518
IBM notice: The page you requested cannot be displayed
-
http://secunia.com/advisories/59986
Sign in
-
http://www-01.ibm.com/support/docview.wss?uid=swg21685122
IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Service Tester (CVE-2014-4244, CVE-2014-4263)
-
http://secunia.com/advisories/59404
Sign in
-
http://secunia.com/advisories/60812
Sign in
-
http://secunia.com/advisories/61254
Sign in
- https://kc.mcafee.com/corporate/index?page=content&id=SB10083
-
http://www-01.ibm.com/support/docview.wss?uid=swg21691089
IBM notice: The page you requested cannot be displayed
-
http://www-01.ibm.com/support/docview.wss?uid=swg21685242
IBM notice: The page you requested cannot be displayed
Products affected by CVE-2014-4263
- cpe:2.3:a:oracle:jrockit:r27.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jrockit:r28.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update60:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.8.0:update5:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.5.0:update65:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.6.0:update75:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update60:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.5.0:update65:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.6.0:update75:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.8.0:update5:*:*:*:*:*:*