CVE Reference: CVE-2014-0411

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2014-0411

Description:
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/90357

UBUNTU
  http://www.ubuntu.com/usn/USN-2089-1
  http://www.ubuntu.com/usn/USN-2124-1

SUSE
  http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html
  http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html
  http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html
  http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html
  http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html
  http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html

ST
  1029608

SAID
  Secunia Advisory: SA56432
  Secunia Advisory: SA56485
  Secunia Advisory: SA56486
  Secunia Advisory: SA56487
  Secunia Advisory: SA56535
  Secunia Advisory: SA59071
  Secunia Advisory: SA59082
  Secunia Advisory: SA59254
  Secunia Advisory: SA59251
  Secunia Advisory: SA59704
  Secunia Advisory: SA57809
  Secunia Advisory: SA59037
  Secunia Advisory: SA59665
  Secunia Advisory: SA59872
  Secunia Advisory: SA60005
  Secunia Advisory: SA60498

REDHAT
  http://rhn.redhat.com/errata/RHSA-2014-0135.html
  http://rhn.redhat.com/errata/RHSA-2014-0134.html
  http://rhn.redhat.com/errata/RHSA-2014-0030.html
  http://rhn.redhat.com/errata/RHSA-2014-0136.html
  http://rhn.redhat.com/errata/RHSA-2014-0097.html
  http://rhn.redhat.com/errata/RHSA-2014-0027.html
  http://rhn.redhat.com/errata/RHSA-2014-0026.html

OSVDB
  102028

HP
  http://marc.info/?l=bugtraq&m=139402749111889&w=2
  http://marc.info/?l=bugtraq&m=139402697611681&w=2

CONFIRM
  http://www-01.ibm.com/support/docview.wss?uid=swg21680387
  http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132
  http://www-01.ibm.com/support/docview.wss?uid=swg21680234
  http://www.ibm.com/support/docview.wss?uid=ssg1S1004745
  http://www-01.ibm.com/support/docview.wss?uid=swg21675938
  http://www-01.ibm.com/support/docview.wss?uid=swg21669519
  http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656
  http://www.ibm.com/support/docview.wss?uid=swg21672078
  http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc
  http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html

BID
  64758
  64918


Return to the previous page.