CVE-2014-2401

MEDIUM

Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality via unknown vectors related to 2D.

References

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://secunia.com/advisories/58974

http://secunia.com/advisories/59058

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.securityfocus.com/bid/66911

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

http://www-01.ibm.com/support/docview.wss?uid=swg21676746

https://access.redhat.com/errata/RHSA-2014:0413

https://access.redhat.com/errata/RHSA-2014:0414

https://www.ibm.com/support/docview.wss?uid=swg21675973

Details

Source: MITRE

Published: 2014-04-16

Updated: 2020-09-08

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:jdk:1.5.0:update_61:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update_71:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.5.0:update_61:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_71:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_51:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:oracle:javafx:2.2.51:*:*:*:*:*:*:*

Tenable Plugins

View all (44 total)

IDNameProductFamilySeverity
83625SUSE SLES10 Security Update : IBM Java 5 (SUSE-SU-2014:0732-1)NessusSuSE Local Security Checks
critical
81370GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
79039RHEL 5 / 6 : IBM Java Runtime in Satellite Server (RHSA-2014:0982)NessusRed Hat Local Security Checks
critical
79011RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414)NessusRed Hat Local Security Checks
critical
79010RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0413)NessusRed Hat Local Security Checks
critical
77812IBM Notes 9.0.x < 9.0.1 Fix Pack 2 Multiple VulnerabilitiesNessusWindows
critical
77811IBM Domino 9.0.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (credentialed check) (POODLE)NessusWindows
critical
77810IBM Domino 9.x < 9.0.1 Fix Pack 2 Multiple Vulnerabilities (uncredentialed check)NessusMisc.
critical
77728VMware Security Updates for vCenter Server (VMSA-2014-0008)NessusMisc.
critical
77727VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0008)NessusWindows
critical
76900RHEL 7 : java-1.7.1-ibm (RHSA-2014:0705)NessusRed Hat Local Security Checks
critical
76870AIX Java Advisory : java_apr2014_advisory.ascNessusAIX Local Security Checks
critical
74284SuSE 11.3 Security Update : IBM Java 6 (SAT Patch Number 9256)NessusSuSE Local Security Checks
critical
74254SuSE 11.3 Security Update : IBM Java 7 (SAT Patch Number 9263)NessusSuSE Local Security Checks
critical
74032RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2014:0509)NessusRed Hat Local Security Checks
critical
74031RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2014:0508)NessusRed Hat Local Security Checks
critical
74005RHEL 5 / 6 : java-1.7.0-ibm (RHSA-2014:0486)NessusRed Hat Local Security Checks
critical
73608RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)NessusRed Hat Local Security Checks
critical
73571Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)NessusMisc.
critical
73570Oracle Java SE Multiple Vulnerabilities (April 2014 CPU)NessusWindows
critical
27034Solaris 9 (x86) : 125139-97NessusSolaris Local Security Checks
critical
27033Solaris 9 (x86) : 125138-97NessusSolaris Local Security Checks
critical
27021Solaris 9 (sparc) : 125137-97NessusSolaris Local Security Checks
critical
27020Solaris 9 (sparc) : 125136-97NessusSolaris Local Security Checks
critical
27016Solaris 8 (x86) : 125139-97NessusSolaris Local Security Checks
critical
27015Solaris 8 (x86) : 125138-97NessusSolaris Local Security Checks
critical
27009Solaris 8 (sparc) : 125137-97NessusSolaris Local Security Checks
critical
27008Solaris 8 (sparc) : 125136-97NessusSolaris Local Security Checks
critical
26996Solaris 10 (x86) : 125139-97 (deprecated)NessusSolaris Local Security Checks
critical
26995Solaris 10 (x86) : 125138-97 (deprecated)NessusSolaris Local Security Checks
critical
26985Solaris 10 (sparc) : 125137-97 (deprecated)NessusSolaris Local Security Checks
critical
26984Solaris 10 (sparc) : 125136-97 (deprecated)NessusSolaris Local Security Checks
critical
19583Solaris 9 (x86) : 118669-86NessusSolaris Local Security Checks
critical
19582Solaris 8 (x86) : 118669-86NessusSolaris Local Security Checks
critical
19580Solaris 10 (x86) : 118669-86 (deprecated)NessusSolaris Local Security Checks
critical
19461Solaris 9 (x86) : 118668-86NessusSolaris Local Security Checks
critical
19460Solaris 9 (sparc) : 118667-86NessusSolaris Local Security Checks
critical
19459Solaris 9 (sparc) : 118666-86NessusSolaris Local Security Checks
critical
19457Solaris 8 (x86) : 118668-86NessusSolaris Local Security Checks
critical
19456Solaris 8 (sparc) : 118667-86NessusSolaris Local Security Checks
critical
19455Solaris 8 (sparc) : 118666-86NessusSolaris Local Security Checks
critical
19450Solaris 10 (x86) : 118668-86 (deprecated)NessusSolaris Local Security Checks
critical
19444Solaris 10 (sparc) : 118667-86 (deprecated)NessusSolaris Local Security Checks
critical
19443Solaris 10 (sparc) : 118666-86 (deprecated)NessusSolaris Local Security Checks
critical