CVE-2014-1876

OpenJDK/Oracle Java - Local Privilege Escalation

Title source: llm

Description

The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log.

References (22)

Core 22

Core References

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2187-1

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2014-0675.html

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2014:0414

Third Party Advisory vendor-advisory x_refsource_gentoo

http://security.gentoo.org/glsa/glsa-201406-32.xml

Vendor Advisory vendor-advisory x_refsource_ubuntu

http://www.ubuntu.com/usn/USN-2191-1

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=140852886808946&w=2

Various Sources x_refsource_confirm

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2014:0413

Issue Tracking x_refsource_misc

https://bugzilla.redhat.com/show_bug.cgi?id=1060907

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/59058

Mailing List vendor-advisory x_refsource_hp

http://marc.info/?l=bugtraq&m=140852974709252&w=2

Vendor Advisory vendor-advisory x_refsource_redhat

http://rhn.redhat.com/errata/RHSA-2014-0685.html

Third Party Advisory vendor-advisory x_refsource_debian

http://www.debian.org/security/2014/dsa-2912

Vendor Advisory x_refsource_confirm

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/58415

Issue Tracking x_refsource_misc

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737562

Mailing List mailing-list x_refsource_mlist

http://seclists.org/oss-sec/2014/q1/285

Various Sources x_refsource_confirm

http://www-01.ibm.com/support/docview.wss?uid=swg21676746

Mailing List mailing-list x_refsource_mlist

http://seclists.org/oss-sec/2014/q1/242

Various Sources x_refsource_confirm

http://www-01.ibm.com/support/docview.wss?uid=swg21679713

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/65568

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/102808

Scores

EPSS 0.0046

EPSS Percentile 36.1%

Details

CWE

CWE-59

Status published

Products (3)

oracle/openjdk 1.6.0

oracle/openjdk 1.7.0

oracle/openjdk 1.8.0

Published Feb 10, 2014

Tracked Since Feb 18, 2026