CVE-2014-2398LOW
Description
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.
References
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://marc.info/?l=bugtraq&m=140852974709252&w=2
http://rhn.redhat.com/errata/RHSA-2014-0675.html
http://rhn.redhat.com/errata/RHSA-2014-0685.html
http://secunia.com/advisories/58415
http://secunia.com/advisories/59058
http://security.gentoo.org/glsa/glsa-201406-32.xml
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www.debian.org/security/2014/dsa-2912
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.securityfocus.com/bid/66920
http://www.ubuntu.com/usn/USN-2187-1
http://www.ubuntu.com/usn/USN-2191-1
http://www-01.ibm.com/support/docview.wss?uid=swg21672080
http://www-01.ibm.com/support/docview.wss?uid=swg21676746
Details
Source: MITRE
Published: 2014-04-16
Updated: 2020-09-08
Type: NVD-CWE-noinfo
Risk Information
CVSS v2.0
Base Score: 3.5
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Impact Score: 2.9
Exploitability Score: 6.8
Severity: LOW
Vulnerable Software
Configuration 1
OR
Configuration 2
OR
cpe:2.3:a:oracle:jdk:1.5.0:update_61:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update_71:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.5.0:update_61:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update_71:*:*:*:*:*:*
Configuration 3
OR
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 83625 | SUSE SLES10 Security Update : IBM Java 5 (SUSE-SU-2014:0732-1) | Nessus | SuSE Local Security Checks | critical |
| 81370 | GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | critical |
| 80046 | openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1) | Nessus | SuSE Local Security Checks | critical |
| 80045 | openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1645-1) | Nessus | SuSE Local Security Checks | critical |
| 79039 | RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2014:0982) | Nessus | Red Hat Local Security Checks | critical |
| 79011 | RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414) | Nessus | Red Hat Local Security Checks | critical |
| 79010 | RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0413) | Nessus | Red Hat Local Security Checks | critical |
| 77812 | IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities | Nessus | Windows | critical |
| 77811 | IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE) | Nessus | Windows | critical |
| 77810 | IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check) | Nessus | Misc. | critical |
| 76900 | RHEL 7 : java-1.7.1-ibm (RHSA-2014:0705) | Nessus | Red Hat Local Security Checks | critical |
| 76894 | RHEL 7 : java-1.6.0-openjdk (RHSA-2014:0685) | Nessus | Red Hat Local Security Checks | critical |
| 76889 | RHEL 7 : java-1.7.0-openjdk (RHSA-2014:0675) | Nessus | Red Hat Local Security Checks | critical |
| 76870 | AIX Java Advisory : java_apr2014_advisory.asc | Nessus | AIX Local Security Checks | critical |
| 76732 | Oracle Linux 7 : java-1.6.0-openjdk (ELSA-2014-0685) | Nessus | Oracle Linux Local Security Checks | critical |
| 76727 | Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2014-0675) | Nessus | Oracle Linux Local Security Checks | critical |
| 76303 | GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT) | Nessus | Gentoo Local Security Checks | critical |
| 74284 | SuSE 11.3 Security Update : IBM Java 6 (SAT Patch Number 9256) | Nessus | SuSE Local Security Checks | critical |
| 74254 | SuSE 11.3 Security Update : IBM Java 7 (SAT Patch Number 9263) | Nessus | SuSE Local Security Checks | critical |
| 74078 | Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:100) | Nessus | Mandriva Local Security Checks | critical |
| 74032 | RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:0509) | Nessus | Red Hat Local Security Checks | critical |
| 74031 | RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:0508) | Nessus | Red Hat Local Security Checks | critical |
| 74007 | SuSE 11.3 Security Update : OpenJDK (SAT Patch Number 9209) | Nessus | SuSE Local Security Checks | critical |
| 74005 | RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2014:0486) | Nessus | Red Hat Local Security Checks | critical |
| 73868 | Debian DSA-2923-1 : openjdk-7 - security update | Nessus | Debian Local Security Checks | critical |
| 73822 | Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2191-1) | Nessus | Ubuntu Local Security Checks | critical |
| 73801 | Ubuntu 12.10 / 13.10 / 14.04 LTS : openjdk-7 vulnerabilities (USN-2187-1) | Nessus | Ubuntu Local Security Checks | critical |
| 73691 | Debian DSA-2912-1 : openjdk-6 - security update | Nessus | Debian Local Security Checks | critical |
| 73655 | Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-327) | Nessus | Amazon Linux Local Security Checks | critical |
| 73654 | Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2014-326) | Nessus | Amazon Linux Local Security Checks | critical |
| 73612 | Oracle JRockit R27 < R27.8.2 / R28 < R28.3.2 Multiple Vulnerabilities (April 2014 CPU) | Nessus | Windows | critical |
| 73608 | RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412) | Nessus | Red Hat Local Security Checks | critical |
| 73605 | Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2014-0407) | Nessus | Oracle Linux Local Security Checks | critical |
| 73590 | Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20140416) | Nessus | Scientific Linux Local Security Checks | critical |
| 73589 | Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64 (20140416) | Nessus | Scientific Linux Local Security Checks | critical |
| 73588 | Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64 (20140416) | Nessus | Scientific Linux Local Security Checks | critical |
| 73587 | RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2014:0408) | Nessus | Red Hat Local Security Checks | critical |
| 73586 | RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0407) | Nessus | Red Hat Local Security Checks | critical |
| 73585 | RHEL 6 : java-1.7.0-openjdk (RHSA-2014:0406) | Nessus | Red Hat Local Security Checks | critical |
| 73584 | Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2014-0408) | Nessus | Oracle Linux Local Security Checks | critical |
| 73583 | Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2014-0406) | Nessus | Oracle Linux Local Security Checks | critical |
| 73580 | CentOS 5 / 6 : java-1.6.0-openjdk (CESA-2014:0408) | Nessus | CentOS Local Security Checks | critical |
| 73579 | CentOS 5 : java-1.7.0-openjdk (CESA-2014:0407) | Nessus | CentOS Local Security Checks | critical |
| 73578 | CentOS 6 : java-1.7.0-openjdk (CESA-2014:0406) | Nessus | CentOS Local Security Checks | critical |
| 73571 | Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix) | Nessus | Misc. | critical |
| 73570 | Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) | Nessus | Windows | critical |
| 27034 | Solaris 9 (x86) : 125139-97 | Nessus | Solaris Local Security Checks | critical |
| 27033 | Solaris 9 (x86) : 125138-97 | Nessus | Solaris Local Security Checks | critical |
| 27021 | Solaris 9 (sparc) : 125137-97 | Nessus | Solaris Local Security Checks | critical |
| 27020 | Solaris 9 (sparc) : 125136-97 | Nessus | Solaris Local Security Checks | critical |
| 27016 | Solaris 8 (x86) : 125139-97 | Nessus | Solaris Local Security Checks | critical |
| 27015 | Solaris 8 (x86) : 125138-97 | Nessus | Solaris Local Security Checks | critical |
| 27009 | Solaris 8 (sparc) : 125137-97 | Nessus | Solaris Local Security Checks | critical |
| 27008 | Solaris 8 (sparc) : 125136-97 | Nessus | Solaris Local Security Checks | critical |
| 26996 | Solaris 10 (x86) : 125139-97 (deprecated) | Nessus | Solaris Local Security Checks | critical |
| 26995 | Solaris 10 (x86) : 125138-97 (deprecated) | Nessus | Solaris Local Security Checks | critical |
| 26985 | Solaris 10 (sparc) : 125137-97 (deprecated) | Nessus | Solaris Local Security Checks | critical |
| 26984 | Solaris 10 (sparc) : 125136-97 (deprecated) | Nessus | Solaris Local Security Checks | critical |
| 19583 | Solaris 9 (x86) : 118669-86 | Nessus | Solaris Local Security Checks | critical |
| 19582 | Solaris 8 (x86) : 118669-86 | Nessus | Solaris Local Security Checks | critical |
| 19580 | Solaris 10 (x86) : 118669-86 (deprecated) | Nessus | Solaris Local Security Checks | critical |
| 19461 | Solaris 9 (x86) : 118668-86 | Nessus | Solaris Local Security Checks | critical |
| 19460 | Solaris 9 (sparc) : 118667-86 | Nessus | Solaris Local Security Checks | critical |
| 19459 | Solaris 9 (sparc) : 118666-86 | Nessus | Solaris Local Security Checks | critical |
| 19457 | Solaris 8 (x86) : 118668-86 | Nessus | Solaris Local Security Checks | critical |
| 19456 | Solaris 8 (sparc) : 118667-86 | Nessus | Solaris Local Security Checks | critical |
| 19455 | Solaris 8 (sparc) : 118666-86 | Nessus | Solaris Local Security Checks | critical |
| 19450 | Solaris 10 (x86) : 118668-86 (deprecated) | Nessus | Solaris Local Security Checks | critical |
| 19444 | Solaris 10 (sparc) : 118667-86 (deprecated) | Nessus | Solaris Local Security Checks | critical |
| 19443 | Solaris 10 (sparc) : 118666-86 (deprecated) | Nessus | Solaris Local Security Checks | critical |