CVE-2014-0411

N/A Unknown
Published: January 15, 2014 Modified: April 29, 2026
View on NVD

Description

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc
Source: secalert_us@oracle.com
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html
Source: secalert_us@oracle.com
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html
Source: secalert_us@oracle.com
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html
Source: secalert_us@oracle.com
http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html
Source: secalert_us@oracle.com
http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html
Source: secalert_us@oracle.com
http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html
Source: secalert_us@oracle.com
http://marc.info/?l=bugtraq&m=139402697611681&w=2
Source: secalert_us@oracle.com
http://marc.info/?l=bugtraq&m=139402749111889&w=2
Source: secalert_us@oracle.com
http://osvdb.org/102028
Source: secalert_us@oracle.com
http://rhn.redhat.com/errata/RHSA-2014-0026.html
Source: secalert_us@oracle.com
http://rhn.redhat.com/errata/RHSA-2014-0027.html
Source: secalert_us@oracle.com
http://rhn.redhat.com/errata/RHSA-2014-0030.html
Source: secalert_us@oracle.com
http://rhn.redhat.com/errata/RHSA-2014-0097.html
Source: secalert_us@oracle.com
http://rhn.redhat.com/errata/RHSA-2014-0134.html
Source: secalert_us@oracle.com
http://rhn.redhat.com/errata/RHSA-2014-0135.html
Source: secalert_us@oracle.com
http://rhn.redhat.com/errata/RHSA-2014-0136.html
Source: secalert_us@oracle.com
http://secunia.com/advisories/56432
Source: secalert_us@oracle.com
http://secunia.com/advisories/56485
Source: secalert_us@oracle.com
http://secunia.com/advisories/56486
Source: secalert_us@oracle.com
http://secunia.com/advisories/56487
Source: secalert_us@oracle.com
http://secunia.com/advisories/56535
Source: secalert_us@oracle.com
http://secunia.com/advisories/57809
Source: secalert_us@oracle.com
http://secunia.com/advisories/59037
Source: secalert_us@oracle.com
http://secunia.com/advisories/59071
Source: secalert_us@oracle.com
http://secunia.com/advisories/59082
Source: secalert_us@oracle.com
http://secunia.com/advisories/59194
Source: secalert_us@oracle.com
http://secunia.com/advisories/59235
Source: secalert_us@oracle.com
http://secunia.com/advisories/59251
Source: secalert_us@oracle.com
http://secunia.com/advisories/59254
Source: secalert_us@oracle.com
http://secunia.com/advisories/59283
Source: secalert_us@oracle.com
http://secunia.com/advisories/59324
Source: secalert_us@oracle.com
http://secunia.com/advisories/59339
Source: secalert_us@oracle.com
http://secunia.com/advisories/59665
Source: secalert_us@oracle.com
http://secunia.com/advisories/59704
Source: secalert_us@oracle.com
http://secunia.com/advisories/59705
Source: secalert_us@oracle.com
http://secunia.com/advisories/59872
Source: secalert_us@oracle.com
http://secunia.com/advisories/60005
Source: secalert_us@oracle.com
http://secunia.com/advisories/60498
Source: secalert_us@oracle.com
http://secunia.com/advisories/60833
Source: secalert_us@oracle.com
http://secunia.com/advisories/60835
Source: secalert_us@oracle.com
http://secunia.com/advisories/60836
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21669519
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21675938
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21676190
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21676373
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21676978
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21677388
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21680234
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21680387
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21682668
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21682669
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21682670
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21682671
Source: secalert_us@oracle.com
http://www-01.ibm.com/support/docview.wss?uid=swg21682904
Source: secalert_us@oracle.com
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132
Source: secalert_us@oracle.com
http://www.ibm.com/support/docview.wss?uid=ssg1S1004745
Source: secalert_us@oracle.com
http://www.ibm.com/support/docview.wss?uid=swg21672078
Source: secalert_us@oracle.com
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
Source: secalert_us@oracle.com
Vendor Advisory
http://www.securityfocus.com/bid/64758
Source: secalert_us@oracle.com
http://www.securityfocus.com/bid/64918
Source: secalert_us@oracle.com
http://www.securitytracker.com/id/1029608
Source: secalert_us@oracle.com
http://www.ubuntu.com/usn/USN-2089-1
Source: secalert_us@oracle.com
http://www.ubuntu.com/usn/USN-2124-1
Source: secalert_us@oracle.com
https://access.redhat.com/errata/RHSA-2014:0414
Source: secalert_us@oracle.com
https://bugzilla.redhat.com/show_bug.cgi?id=1053010
Source: secalert_us@oracle.com
https://exchange.xforce.ibmcloud.com/vulnerabilities/90357
Source: secalert_us@oracle.com
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777
Source: secalert_us@oracle.com
https://www.ibm.com/support/docview.wss?uid=swg21675223
Source: secalert_us@oracle.com
https://www.ibm.com/support/docview.wss?uid=swg21677913
Source: secalert_us@oracle.com
http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/d533e96c7acc
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=bugtraq&m=139402697611681&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://marc.info/?l=bugtraq&m=139402749111889&w=2
Source: af854a3a-2127-422b-91ae-364da2661108
http://osvdb.org/102028
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2014-0026.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2014-0027.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2014-0030.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2014-0097.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2014-0134.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2014-0135.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2014-0136.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/56432
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/56485
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/56486
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/56487
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/56535
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/57809
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59037
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59071
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59082
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59194
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59235
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59251
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59254
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59283
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59324
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59339
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59665
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59704
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59705
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/59872
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/60005
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/60498
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/60833
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/60835
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/60836
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=ssg1S1004656
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21669519
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21675938
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21676190
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21676373
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21676978
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21677388
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21680234
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21680387
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21682668
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21682669
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21682670
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21682671
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-01.ibm.com/support/docview.wss?uid=swg21682904
Source: af854a3a-2127-422b-91ae-364da2661108
http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5096132
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ibm.com/support/docview.wss?uid=ssg1S1004745
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ibm.com/support/docview.wss?uid=swg21672078
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/64758
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/64918
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id/1029608
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-2089-1
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-2124-1
Source: af854a3a-2127-422b-91ae-364da2661108
https://access.redhat.com/errata/RHSA-2014:0414
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=1053010
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/90357
Source: af854a3a-2127-422b-91ae-364da2661108
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.ibm.com/support/docview.wss?uid=swg21675223
Source: af854a3a-2127-422b-91ae-364da2661108
https://www.ibm.com/support/docview.wss?uid=swg21677913
Source: af854a3a-2127-422b-91ae-364da2661108

142 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
1.4%
80th percentile
Exploitation Status
Not in CISA KEV

Affected Vendors

oracle