GLSA-201502-12

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

66886

The remote host is affected by the vulnerability described in GLSA-201502-12 (Oracle JRE/JDK: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Oracle&rsquo;s Java SE       Development Kit and Runtime Environment. Please review the CVE       identifiers referenced below for details.
  Impact :

    A context-dependent attacker may be able to execute arbitrary code,       disclose, update, insert, or delete certain data.
  Workaround :

    There is no known workaround at this time.

The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is earlier than 8 Update 5, 7 Update 55, 6 Update 75, or 5 Update 65.  It is, therefore, potentially affected by security issues in the following components :

  - 2D
  - AWT
  - Deployment
  - Hotspot
  - JAX-WS
  - JAXB
  - JAXP
  - JNDI
  - JavaFX
  - Javadoc
  - Libraries
  - Scripting
  - Security
  - Sound

ID	Name	Product	Family	Severity
81370	GLSA-201502-12 : Oracle JRE/JDK: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	critical
73571	Oracle Java SE Multiple Vulnerabilities (April 2014 CPU) (Unix)	Nessus	Misc.	critical
73570	Oracle Java SE Multiple Vulnerabilities (April 2014 CPU)	Nessus	Windows	critical

CVE-2014-2410

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Tenable Plugins