CVE-2014-2412

high

Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451.

References

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

http://www.debian.org/security/2014/dsa-2912

http://www.ubuntu.com/usn/USN-2191-1

http://secunia.com/advisories/58415

http://www.ubuntu.com/usn/USN-2187-1

http://www.securityfocus.com/bid/66873

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

http://security.gentoo.org/glsa/glsa-201406-32.xml

http://security.gentoo.org/glsa/glsa-201502-12.xml

http://marc.info/?l=bugtraq&m=140852974709252&w=2

http://marc.info/?l=bugtraq&m=140852886808946&w=2

http://rhn.redhat.com/errata/RHSA-2014-0685.html

http://rhn.redhat.com/errata/RHSA-2014-0675.html

https://access.redhat.com/errata/RHSA-2014:0414

https://access.redhat.com/errata/RHSA-2014:0413

Details

Source: MITRE

Published: 2014-04-16

Updated: 2022-05-13

Risk Information

CVSS v2

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH