CVEs-PoC/2014/CVE-2014-0422.md at 9822fb37735000bda8766c00a6155fb6da059fd1

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-11 16:47:12 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.

POC

Reference

http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
http://www.ubuntu.com/usn/USN-2089-1
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777

Github

https://github.com/ARPSyndicate/cve-scores

1.1 KiB Raw Blame History

CVE-2014-0422

Description

POC

Reference

Github

1.1 KiB

Raw Blame History