CVE-2014-2401

MEDIUM

Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D.

References

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://secunia.com/advisories/58974

http://secunia.com/advisories/59058

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.securityfocus.com/bid/66911

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

http://www-01.ibm.com/support/docview.wss?uid=swg21676746

https://access.redhat.com/errata/RHSA-2014:0413

https://access.redhat.com/errata/RHSA-2014:0414

https://www.ibm.com/support/docview.wss?uid=swg21675973

Details

Source: MITRE

Published: 2014-04-16

Updated: 2018-01-05

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:a:oracle:jdk:1.5.0:update_61:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_71:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update_51:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.5.0:update_61:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_71:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_51:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:*:*:*:*:*:*:*

Configuration 2

cpe:2.3:a:oracle:javafx:2.2.51:*:*:*:*:*:*:*

Tenable Plugins

View all (44 total)

ID	Name	Product	Family	Severity
83625	SUSE SLES10 Security Update : IBM Java 5 (SUSE-SU-2014:0732-1)	Nessus	SuSE Local Security Checks	critical
81370	GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
79039	RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2014:0982)	Nessus	Red Hat Local Security Checks	critical
79011	RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414)	Nessus	Red Hat Local Security Checks	critical
79010	RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0413)	Nessus	Red Hat Local Security Checks	critical
77812	IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities	Nessus	Windows	critical
77811	IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)	Nessus	Windows	critical
77810	IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)	Nessus	Misc.	critical
77728	VMware Security Updates for vCenter Server (VMSA-2014-0008)	Nessus	Misc.	critical
77727	VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0008)	Nessus	Windows	critical
76900	RHEL 7 : java-1.7.1-ibm (RHSA-2014:0705)	Nessus	Red Hat Local Security Checks	critical
76870	AIX Java Advisory : java_apr2014_advisory.asc	Nessus	AIX Local Security Checks	critical
74284	SuSE 11.3 Security Update : IBM Java 6 (SAT Patch Number 9256)	Nessus	SuSE Local Security Checks	critical
74254	SuSE 11.3 Security Update : IBM Java 7 (SAT Patch Number 9263)	Nessus	SuSE Local Security Checks	critical
74032	RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:0509)	Nessus	Red Hat Local Security Checks	critical
74031	RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:0508)	Nessus	Red Hat Local Security Checks	critical
74005	RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2014:0486)	Nessus	Red Hat Local Security Checks	critical
73608	RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)	Nessus	Red Hat Local Security Checks	critical
73571	Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)	Nessus	Misc.	critical
73570	Oracle Java SE Multiple Vulnerabilities (April 2014 CPU)	Nessus	Windows	critical
27034	Solaris 9 (x86) : 125139-97	Nessus	Solaris Local Security Checks	critical
27033	Solaris 9 (x86) : 125138-97	Nessus	Solaris Local Security Checks	critical
27021	Solaris 9 (sparc) : 125137-97	Nessus	Solaris Local Security Checks	critical
27020	Solaris 9 (sparc) : 125136-97	Nessus	Solaris Local Security Checks	critical
27016	Solaris 8 (x86) : 125139-97	Nessus	Solaris Local Security Checks	critical
27015	Solaris 8 (x86) : 125138-97	Nessus	Solaris Local Security Checks	critical
27009	Solaris 8 (sparc) : 125137-97	Nessus	Solaris Local Security Checks	critical
27008	Solaris 8 (sparc) : 125136-97	Nessus	Solaris Local Security Checks	critical
26996	Solaris 10 (x86) : 125139-97 (deprecated)	Nessus	Solaris Local Security Checks	critical
26995	Solaris 10 (x86) : 125138-97 (deprecated)	Nessus	Solaris Local Security Checks	critical
26985	Solaris 10 (sparc) : 125137-97 (deprecated)	Nessus	Solaris Local Security Checks	critical
26984	Solaris 10 (sparc) : 125136-97 (deprecated)	Nessus	Solaris Local Security Checks	critical
19583	Solaris 9 (x86) : 118669-86	Nessus	Solaris Local Security Checks	critical
19582	Solaris 8 (x86) : 118669-86	Nessus	Solaris Local Security Checks	critical
19580	Solaris 10 (x86) : 118669-86 (deprecated)	Nessus	Solaris Local Security Checks	critical
19461	Solaris 9 (x86) : 118668-86	Nessus	Solaris Local Security Checks	critical
19460	Solaris 9 (sparc) : 118667-86	Nessus	Solaris Local Security Checks	critical
19459	Solaris 9 (sparc) : 118666-86	Nessus	Solaris Local Security Checks	critical
19457	Solaris 8 (x86) : 118668-86	Nessus	Solaris Local Security Checks	critical
19456	Solaris 8 (sparc) : 118667-86	Nessus	Solaris Local Security Checks	critical
19455	Solaris 8 (sparc) : 118666-86	Nessus	Solaris Local Security Checks	critical
19450	Solaris 10 (x86) : 118668-86 (deprecated)	Nessus	Solaris Local Security Checks	critical
19444	Solaris 10 (sparc) : 118667-86 (deprecated)	Nessus	Solaris Local Security Checks	critical
19443	Solaris 10 (sparc) : 118666-86 (deprecated)	Nessus	Solaris Local Security Checks	critical