CVE-2014-2403

medium

Description

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP.

References

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.debian.org/security/2014/dsa-2912

http://www.ubuntu.com/usn/USN-2191-1

http://secunia.com/advisories/58415

http://www.ubuntu.com/usn/USN-2187-1

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://www.securityfocus.com/bid/66918

http://rhn.redhat.com/errata/RHSA-2014-0685.html

http://rhn.redhat.com/errata/RHSA-2014-0675.html

https://access.redhat.com/errata/RHSA-2014:0414

https://access.redhat.com/errata/RHSA-2014:0413

Details

Source: MITRE

Published: 2014-04-16

Updated: 2022-05-13

Type: NVD-CWE-noinfo

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM