Executive Summary

Informations
Name CVE-2014-0878 First vendor Publication 2014-05-26
Vendor Cve Last vendor Modification 2017-08-29

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:N)
Cvss Base Score 5.8 Attack Range Network
Cvss Impact Score 4.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The IBMSecureRandom component in the IBMJCE and IBMSecureRandom cryptographic providers in IBM SDK Java Technology Edition 5.0 before Service Refresh 16 FP6, 6 before Service Refresh 16, 6.0.1 before Service Refresh 8, 7 before Service Refresh 7, and 7R1 before Service Refresh 1 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the random number generator's output.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0878

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-310 Cryptographic Issues

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:25167
 
Oval ID: oval:org.mitre.oval:def:25167
Title: SUSE-SU-2014:0733-1 -- Security update for IBM Java 7
Description: IBM Java 7 was updated to version SR7, which received security and bug fixes.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0733-1
CVE-2013-6629
CVE-2013-6954
CVE-2014-0429
CVE-2014-0446
CVE-2014-0448
CVE-2014-0449
CVE-2014-0451
CVE-2014-0452
CVE-2014-0457
CVE-2014-0458
CVE-2014-0459
CVE-2014-0460
CVE-2014-0461
CVE-2014-1876
CVE-2014-2398
CVE-2014-2401
CVE-2014-2402
CVE-2014-2409
CVE-2014-2412
CVE-2014-2414
CVE-2014-2420
CVE-2014-2421
CVE-2014-2423
CVE-2014-2427
CVE-2014-2428
CVE-2014-0455
CVE-2014-0428
CVE-2014-0453
CVE-2014-0454
CVE-2014-0878
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): IBM Java 7
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25310
 
Oval ID: oval:org.mitre.oval:def:25310
Title: SUSE-SU-2014:0733-2 -- Security update for IBM Java 7
Description: IBM Java 7 was updated to version SR7, which received security and bug fixes.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0733-2
CVE-2013-6629
CVE-2013-6954
CVE-2014-0429
CVE-2014-0446
CVE-2014-0448
CVE-2014-0449
CVE-2014-0451
CVE-2014-0452
CVE-2014-0457
CVE-2014-0458
CVE-2014-0459
CVE-2014-0460
CVE-2014-0461
CVE-2014-1876
CVE-2014-2398
CVE-2014-2401
CVE-2014-2402
CVE-2014-2409
CVE-2014-2412
CVE-2014-2414
CVE-2014-2420
CVE-2014-2421
CVE-2014-2423
CVE-2014-2427
CVE-2014-2428
CVE-2014-0455
CVE-2014-0428
CVE-2014-0453
CVE-2014-0454
CVE-2014-0878
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): IBM Java 7
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25385
 
Oval ID: oval:org.mitre.oval:def:25385
Title: SUSE-SU-2014:0728-2 -- Security update for IBM Java 6
Description: IBM Java 6 was updated to version 6 SR16 to fix several security issues and various other bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0728-2
CVE-2013-6629
CVE-2013-6954
CVE-2014-0429
CVE-2014-0446
CVE-2014-0449
CVE-2014-0451
CVE-2014-0452
CVE-2014-0457
CVE-2014-0458
CVE-2014-0459
CVE-2014-0460
CVE-2014-0461
CVE-2014-1876
CVE-2014-2398
CVE-2014-2401
CVE-2014-2409
CVE-2014-2412
CVE-2014-2414
CVE-2014-2420
CVE-2014-2421
CVE-2014-2423
CVE-2014-2427
CVE-2014-2428
CVE-2014-0428
CVE-2014-0453
CVE-2014-0878
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Server 10
Product(s): IBM Java 6
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25410
 
Oval ID: oval:org.mitre.oval:def:25410
Title: SUSE-SU-2014:0732-1 -- Security update for IBM Java 5
Description: IBM Java 5 was updated to SR 16 FP 6 to fix several bugs and security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0732-1
CVE-2013-6629
CVE-2014-0429
CVE-2014-0446
CVE-2014-0451
CVE-2014-0457
CVE-2014-0460
CVE-2014-1876
CVE-2014-2398
CVE-2014-2401
CVE-2014-2412
CVE-2014-2421
CVE-2014-2427
CVE-2014-0453
CVE-2014-0878
Version: 3
Platform(s): SUSE Linux Enterprise Server 10
Product(s): IBM Java 5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25419
 
Oval ID: oval:org.mitre.oval:def:25419
Title: SUSE-SU-2014:0728-3 -- Security update for IBM Java 6
Description: BM Java 6 was updated to version 6 SR16 to fix several security issues and various other bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0728-3
CVE-2013-6629
CVE-2013-6954
CVE-2014-0429
CVE-2014-0446
CVE-2014-0449
CVE-2014-0451
CVE-2014-0452
CVE-2014-0457
CVE-2014-0458
CVE-2014-0459
CVE-2014-0460
CVE-2014-0461
CVE-2014-1876
CVE-2014-2398
CVE-2014-2401
CVE-2014-2409
CVE-2014-2412
CVE-2014-2414
CVE-2014-2420
CVE-2014-2421
CVE-2014-2423
CVE-2014-2427
CVE-2014-2428
CVE-2014-0428
CVE-2014-0453
CVE-2014-0878
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): IBM Java 6
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 53

Nessus® Vulnerability Scanner

Date Description
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0732-1.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0982.nasl - Type : ACT_GATHER_INFO
2014-08-04 Name : The remote application server is affected by multiple vulnerabilities.
File : websphere_8_0_0_9.nasl - Type : ACT_GATHER_INFO
2014-08-01 Name : The remote application server is affected by multiple vulnerabilities.
File : websphere_7_0_0_33.nasl - Type : ACT_GATHER_INFO
2014-07-30 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0705.nasl - Type : ACT_GATHER_INFO
2014-07-28 Name : The remote AIX host has a version of Java SDK installed that is potentially a...
File : aix_java_apr2014_advisory.nasl - Type : ACT_GATHER_INFO
2014-06-03 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_6_0-ibm-140514.nasl - Type : ACT_GATHER_INFO
2014-06-01 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_java-1_7_0-ibm-140515.nasl - Type : ACT_GATHER_INFO
2014-05-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0508.nasl - Type : ACT_GATHER_INFO
2014-05-16 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0509.nasl - Type : ACT_GATHER_INFO
2014-05-14 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-0486.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/67601
CONFIRM http://www-01.ibm.com/support/docview.wss?uid=swg21672043
http://www-01.ibm.com/support/docview.wss?uid=swg21673836
http://www-01.ibm.com/support/docview.wss?uid=swg21674539
http://www-01.ibm.com/support/docview.wss?uid=swg21676672
http://www-01.ibm.com/support/docview.wss?uid=swg21676703
http://www-01.ibm.com/support/docview.wss?uid=swg21676746
http://www-01.ibm.com/support/docview.wss?uid=swg21679610
http://www-01.ibm.com/support/docview.wss?uid=swg21679713
http://www-01.ibm.com/support/docview.wss?uid=swg21680750
http://www-01.ibm.com/support/docview.wss?uid=swg21681256
http://www-01.ibm.com/support/docview.wss?uid=swg21683484
http://www-01.ibm.com/support/docview.wss?uid=swg21686717
http://www-01.ibm.com/support/docview.wss?uid=swg21689593
http://www.ibm.com/support/docview.wss?uid=swg21675343
http://www.ibm.com/support/docview.wss?uid=swg21675588
http://www.ibm.com/support/docview.wss?uid=swg21677387
SECUNIA http://secunia.com/advisories/59022
http://secunia.com/advisories/59023
http://secunia.com/advisories/59058
http://secunia.com/advisories/61264
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/91084

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
Date Informations
2020-05-23 00:39:42
  • Multiple Updates
2017-08-29 09:24:26
  • Multiple Updates
2017-01-07 09:25:20
  • Multiple Updates
2016-04-28 13:28:16
  • Multiple Updates
2016-04-27 00:10:22
  • Multiple Updates
2016-04-26 13:27:45
  • Multiple Updates
2015-05-21 13:31:09
  • Multiple Updates
2015-01-03 09:23:35
  • Multiple Updates
2014-12-24 09:23:22
  • Multiple Updates
2014-11-19 09:23:05
  • Multiple Updates
2014-11-08 13:31:38
  • Multiple Updates
2014-09-04 13:25:22
  • Multiple Updates
2014-08-05 13:25:50
  • Multiple Updates
2014-08-02 13:24:17
  • Multiple Updates
2014-07-31 13:25:12
  • Multiple Updates
2014-07-29 13:25:38
  • Multiple Updates
2014-07-17 09:22:29
  • Multiple Updates
2014-06-21 09:25:16
  • Multiple Updates
2014-06-04 13:23:55
  • Multiple Updates
2014-06-02 13:24:07
  • Multiple Updates
2014-05-28 00:20:34
  • Multiple Updates
2014-05-27 00:20:26
  • First insertion