CVE-2014-2403

high

Description

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP.

References

Advisories
More

https://access.redhat.com/errata/RHSA-2014:0414

https://access.redhat.com/errata/RHSA-2014:0413

http://www.ubuntu.com/usn/USN-2191-1

http://www.ubuntu.com/usn/USN-2187-1

http://www.securityfocus.com/bid/66918

http://www.debian.org/security/2014/dsa-2912

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://secunia.com/advisories/58415

http://rhn.redhat.com/errata/RHSA-2014-0685.html

http://rhn.redhat.com/errata/RHSA-2014-0675.html

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Details

Source: Mitre, NVD

Published: 2014-04-16

Updated: 2025-04-12

Risk Information

CVSS v2

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Severity: Medium

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Severity: High

EPSS

EPSS: 0.01973

Detections

Analytics