CVE-2014-4288 — Race Condition in Oracle JDK
Severity
9.3CRITICALNVD
NVD7.6CNA7.6
EPSS
6.9%
top 8.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 15
Latest updateMay 13
Description
Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532.
CVSS vector
AV:N/AC:H/C:C/I:C/A:CExploitability: 4.9 | Impact: 10.0
Affected Packages2 packages
Patches
🔴Vulnerability Details
8GHSA▶
GHSA-jvx7-35cg-w97r: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via un↗2022-05-13
GHSA▶
GHSA-x9c3-pfjg-6f43: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via un↗2022-05-13
GHSA▶
GHSA-wqrv-8v5g-pgqj: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via un↗2022-05-13
GHSA▶
GHSA-9x5w-fgxg-c345: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via un↗2022-05-13
CVEList▶
CVE-2014-4288: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via un↗2014-10-15
📋Vendor Advisories
9💬Community
1Bugzilla▶
CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment)↗2014-10-14