Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2403

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2014-2403
Last Modified 20 Feb 2015 09:59:36
Published 15 Apr 2014 09:55:10
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2014-2403

Summary

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP.

Vulnerable Systems

Application

  • Oracle Jdk 1.6.0

  • Oracle Jdk 1.7.0

  • Oracle Jdk 1.8.0

  • Oracle Jre 1.6.0

  • Oracle Jre 1.7.0

  • Oracle Jre 1.8.0


References

CONFIRM - http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

UBUNTU - USN-2191-1

DEBIAN - DSA-2912

SECUNIA - 58415

UBUNTU - USN-2187-1

GENTOO - GLSA-201406-32

GENTOO - GLSA-201502-12

Related Patches

Oracle Java JRE 1.7.0_55 for Windows (Update) (All Languages) (See Notes)

Oracle Java JRE 1.7.0_55 for Mac OS X (Update)

Oracle Java JRE 1.8.0_05 for Windows (Update) (All Languages) (See Notes)

Oracle Java JRE 1.8.0_05 for Mac OS X (Update)

Oracle Java JRE 1.7.0_55 for Windows (Update) (64Bit) (All Languages) (See Notes)


Last Updated: 27 May 2016 11:03:25