CVE-2014-2403

MEDIUM

Description

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP.

References

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://rhn.redhat.com/errata/RHSA-2014-0675.html

http://rhn.redhat.com/errata/RHSA-2014-0685.html

http://secunia.com/advisories/58415

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://www.debian.org/security/2014/dsa-2912

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.securityfocus.com/bid/66918

http://www.ubuntu.com/usn/USN-2187-1

http://www.ubuntu.com/usn/USN-2191-1

https://access.redhat.com/errata/RHSA-2014:0413

https://access.redhat.com/errata/RHSA-2014:0414

Details

Source: MITRE

Published: 2014-04-16

Updated: 2018-01-05

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 5

Vector: (AV:N/AC:L/Au:N/C:P/I:N/A:N)

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

View all (35 total)

ID	Name	Product	Family	Severity
81370	GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
80046	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1638-1)	Nessus	SuSE Local Security Checks	critical
80045	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-SU-2014:1645-1)	Nessus	SuSE Local Security Checks	critical
79011	RHEL 5 / 6 : java-1.6.0-sun (RHSA-2014:0414)	Nessus	Red Hat Local Security Checks	critical
79010	RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0413)	Nessus	Red Hat Local Security Checks	critical
77728	VMware Security Updates for vCenter Server (VMSA-2014-0008)	Nessus	Misc.	critical
77727	VMware vCenter Update Manager Multiple Java Vulnerabilities (VMSA-2014-0008)	Nessus	Windows	critical
76894	RHEL 7 : java-1.6.0-openjdk (RHSA-2014:0685)	Nessus	Red Hat Local Security Checks	critical
76889	RHEL 7 : java-1.7.0-openjdk (RHSA-2014:0675)	Nessus	Red Hat Local Security Checks	critical
76732	Oracle Linux 7 : java-1.6.0-openjdk (ELSA-2014-0685)	Nessus	Oracle Linux Local Security Checks	critical
76727	Oracle Linux 7 : java-1.7.0-openjdk (ELSA-2014-0675)	Nessus	Oracle Linux Local Security Checks	critical
76303	GLSA-201406-32 : IcedTea JDK: Multiple vulnerabilities (BEAST) (ROBOT)	Nessus	Gentoo Local Security Checks	critical
74078	Mandriva Linux Security Advisory : java-1.7.0-openjdk (MDVSA-2014:100)	Nessus	Mandriva Local Security Checks	critical
74007	SuSE 11.3 Security Update : OpenJDK (SAT Patch Number 9209)	Nessus	SuSE Local Security Checks	critical
73868	Debian DSA-2923-1 : openjdk-7 - security update	Nessus	Debian Local Security Checks	critical
73822	Ubuntu 10.04 LTS / 12.04 LTS : openjdk-6 vulnerabilities (USN-2191-1)	Nessus	Ubuntu Local Security Checks	critical
73801	Ubuntu 12.10 / 13.10 / 14.04 LTS : openjdk-7 vulnerabilities (USN-2187-1)	Nessus	Ubuntu Local Security Checks	critical
73691	Debian DSA-2912-1 : openjdk-6 - security update	Nessus	Debian Local Security Checks	critical
73655	Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2014-327)	Nessus	Amazon Linux Local Security Checks	critical
73654	Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2014-326)	Nessus	Amazon Linux Local Security Checks	critical
73608	RHEL 5 / 6 : java-1.7.0-oracle (RHSA-2014:0412)	Nessus	Red Hat Local Security Checks	critical
73605	Oracle Linux 5 : java-1.7.0-openjdk (ELSA-2014-0407)	Nessus	Oracle Linux Local Security Checks	critical
73590	Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
73589	Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
73588	Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	critical
73587	RHEL 5 / 6 : java-1.6.0-openjdk (RHSA-2014:0408)	Nessus	Red Hat Local Security Checks	critical
73586	RHEL 5 : java-1.7.0-openjdk (RHSA-2014:0407)	Nessus	Red Hat Local Security Checks	critical
73585	RHEL 6 : java-1.7.0-openjdk (RHSA-2014:0406)	Nessus	Red Hat Local Security Checks	critical
73584	Oracle Linux 5 / 6 : java-1.6.0-openjdk (ELSA-2014-0408)	Nessus	Oracle Linux Local Security Checks	critical
73583	Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2014-0406)	Nessus	Oracle Linux Local Security Checks	critical
73580	CentOS 5 / 6 : java-1.6.0-openjdk (CESA-2014:0408)	Nessus	CentOS Local Security Checks	critical
73579	CentOS 5 : java-1.7.0-openjdk (CESA-2014:0407)	Nessus	CentOS Local Security Checks	critical
73578	CentOS 6 : java-1.7.0-openjdk (CESA-2014:0406)	Nessus	CentOS Local Security Checks	critical
73571	Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)	Nessus	Misc.	critical
73570	Oracle Java SE Multiple Vulnerabilities (April 2014 CPU)	Nessus	Windows	critical