CVE-2014-2401

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D.

References

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://secunia.com/advisories/58974

http://secunia.com/advisories/59058

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.securityfocus.com/bid/66911

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

http://www-01.ibm.com/support/docview.wss?uid=swg21676746

https://access.redhat.com/errata/RHSA-2014:0413

https://access.redhat.com/errata/RHSA-2014:0414

https://www.ibm.com/support/docview.wss?uid=swg21675973

Details

Source: MITRE

Published: 2014-04-16

Updated: 2020-09-08

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:jdk:1.5.0:update_61:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_71:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.5.0:update_61:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_71:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_51:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:oracle:javafx:2.2.51:*:*:*:*:*:*:*

Tenable Plugins

View all (44 total)

IDNameProductFamilySeverity
83625SUSE SLES10 Security Update : IBM Java 5 (SUSE-SU-2014:0732-1)NessusSuSE Local Security Checks
critical
81370GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
79039RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2014:0982)NessusRed Hat Local Security Checks
critical
79011RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414)NessusRed Hat Local Security Checks
medium
79010RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0413)NessusRed Hat Local Security Checks
critical
77812IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple VulnerabilitiesNessusWindows
critical
77811IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)NessusWindows
critical
77810IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)NessusMisc.
critical
77728VMware Security Updates for vCenter Server (VMSA-2014-0008)NessusMisc.
critical
77727VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0008)NessusWindows
critical
76900RHEL 7 : java-1.7.1-ibm (RHSA-2014:0705)NessusRed Hat Local Security Checks
critical
76870AIX Java Advisory : java_apr2014_advisory.ascNessusAIX Local Security Checks
critical
74284SuSE 11.3 Security Update : IBM Java 6 (SAT Patch Number 9256)NessusSuSE Local Security Checks
critical
74254SuSE 11.3 Security Update : IBM Java 7 (SAT Patch Number 9263)NessusSuSE Local Security Checks
critical
74032RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:0509)NessusRed Hat Local Security Checks
critical
74031RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:0508)NessusRed Hat Local Security Checks
critical
74005RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2014:0486)NessusRed Hat Local Security Checks
critical
73608RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)NessusRed Hat Local Security Checks
critical
73571Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)NessusMisc.
critical
73570Oracle Java SE Multiple Vulnerabilities (April 2014 CPU)NessusWindows
critical
27034Solaris 9 (x86) : 125139-97NessusSolaris Local Security Checks
critical
27033Solaris 9 (x86) : 125138-97NessusSolaris Local Security Checks
critical
27021Solaris 9 (sparc) : 125137-97NessusSolaris Local Security Checks
critical
27020Solaris 9 (sparc) : 125136-97NessusSolaris Local Security Checks
critical
27016Solaris 8 (x86) : 125139-97NessusSolaris Local Security Checks
critical
27015Solaris 8 (x86) : 125138-97NessusSolaris Local Security Checks
critical
27009Solaris 8 (sparc) : 125137-97NessusSolaris Local Security Checks
critical
27008Solaris 8 (sparc) : 125136-97NessusSolaris Local Security Checks
critical
26996Solaris 10 (x86) : 125139-97 (deprecated)NessusSolaris Local Security Checks
critical
26995Solaris 10 (x86) : 125138-97 (deprecated)NessusSolaris Local Security Checks
critical
26985Solaris 10 (sparc) : 125137-97 (deprecated)NessusSolaris Local Security Checks
critical
26984Solaris 10 (sparc) : 125136-97 (deprecated)NessusSolaris Local Security Checks
critical
19583Solaris 9 (x86) : 118669-86NessusSolaris Local Security Checks
critical
19582Solaris 8 (x86) : 118669-86NessusSolaris Local Security Checks
critical
19580Solaris 10 (x86) : 118669-86 (deprecated)NessusSolaris Local Security Checks
critical
19461Solaris 9 (x86) : 118668-86NessusSolaris Local Security Checks
critical
19460Solaris 9 (sparc) : 118667-86NessusSolaris Local Security Checks
critical
19459Solaris 9 (sparc) : 118666-86NessusSolaris Local Security Checks
critical
19457Solaris 8 (x86) : 118668-86NessusSolaris Local Security Checks
critical
19456Solaris 8 (sparc) : 118667-86NessusSolaris Local Security Checks
critical
19455Solaris 8 (sparc) : 118666-86NessusSolaris Local Security Checks
critical
19450Solaris 10 (x86) : 118668-86 (deprecated)NessusSolaris Local Security Checks
critical
19444Solaris 10 (sparc) : 118667-86 (deprecated)NessusSolaris Local Security Checks
critical
19443Solaris 10 (sparc) : 118666-86 (deprecated)NessusSolaris Local Security Checks
critical