Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2014-1876

Disclosure Date: February 10, 2014
CVE-2014-1876
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

References

Canonical
CVE-2014-1876 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1876)
BID-65568 (http://www.securityfocus.com/bid/65568)
Advisory
USN-2187-1 (http://www.ubuntu.com/usn/USN-2187-1)
http://rhn.redhat.com/errata/RHSA-2014-0675.html
https://access.redhat.com/errata/RHSA-2014:0414
GLSA-201406-32 (http://security.gentoo.org/glsa/glsa-201406-32.xml)
USN-2191-1 (http://www.ubuntu.com/usn/USN-2191-1)
HPSBUX03091 (http://marc.info?l=bugtraq&m=140852886808946&w=2)
http://www-01.ibm.com/support/docview.wss?uid=swg21672080
https://access.redhat.com/errata/RHSA-2014:0413
SECUNIA-59058 (http://secunia.com/advisories/59058)
HPSBUX03092 (http://marc.info?l=bugtraq&m=140852974709252&w=2)
http://rhn.redhat.com/errata/RHSA-2014-0685.html
DSA-2912 (http://www.debian.org/security/2014/dsa-2912)
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
SECUNIA-58415 (http://secunia.com/advisories/58415)
[oss-security] 20140207 Re: CVE request and heads-up on insecure temp file handling in unpack200 (OpenJDK, Oracle Java) (http://seclists.org/oss-sec/2014/q1/285)
http://www-01.ibm.com/support/docview.wss?uid=swg21676746
[oss-security] 20140203 CVE request and heads-up on insecure temp file handling in unpack200 (OpenJDK, Oracle Java) (http://seclists.org/oss-sec/2014/q1/242)
http://www-01.ibm.com/support/docview.wss?uid=swg21679713
OSVDB-102808 (http://osvdb.org/102808)
Miscellaneous
https://bugzilla.redhat.com/show_bug.cgi?id=1060907
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737562

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis