CVE-2014-2398 - Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R2

CVE-2014-2398

Summary

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.

References

Vulnerable Configurations

cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*
cpe:2.3:a:oracle:javafx:2.2.51:*:*:*:*:*:*:*
cpe:2.3:a:oracle:javafx:2.2.51:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_viewer:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_viewer:8.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_viewer:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_viewer:8.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_viewer:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_viewer:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_viewer:4.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_viewer:4.0.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_viewer:4.0.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:forms_viewer:4.0.0.2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CVSS

Base:	3.5 (as of 13-05-2022 - 14:57)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	PARTIAL	NONE

cvss-vector via4

AV:N/AC:M/Au:S/C:N/I:P/A:N

redhat via4

advisories

rhsa
id RHSA-2014:0413
rhsa
id RHSA-2014:0414
rhsa
id RHSA-2014:0675
rhsa
id RHSA-2014:0685

rpms

java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.1.el5_10
java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-demo-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-demo-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-devel-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-devel-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-javadoc-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-javadoc-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-src-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-src-1:1.6.0.0-5.1.13.3.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.2.el5_10
java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-demo-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-demo-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-devel-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-devel-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-jdbc-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-jdbc-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-plugin-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-plugin-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-src-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-src-1:1.6.0.75-1jpp.3.el5_10
java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-demo-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-demo-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-devel-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-devel-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-jdbc-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-jdbc-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-plugin-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-plugin-1:1.7.0.7.0-1jpp.1.el6_5
java-1.7.0-ibm-src-1:1.7.0.7.0-1jpp.1.el5_10
java-1.7.0-ibm-src-1:1.7.0.7.0-1jpp.1.el6_5
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-accessibility-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-demo-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-demo-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-javacomm-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-javacomm-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-jdbc-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-jdbc-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-plugin-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-plugin-1:1.6.0.16.0-1jpp.1.el6_5
java-1.6.0-ibm-src-1:1.6.0.16.0-1jpp.1.el5_10
java-1.6.0-ibm-src-1:1.6.0.16.0-1jpp.1.el6_5
java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-accessibility-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-demo-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-demo-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-devel-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-devel-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-javacomm-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-javacomm-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-jdbc-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-jdbc-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-plugin-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-plugin-1:1.5.0.16.6-1jpp.1.el6_5
java-1.5.0-ibm-src-1:1.5.0.16.6-1jpp.1.el5_10
java-1.5.0-ibm-src-1:1.5.0.16.6-1jpp.1.el6_5
java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-accessibility-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-headless-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.2.el7_0
java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-demo-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-devel-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-javadoc-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-src-1:1.6.0.0-6.1.13.3.el7_0
java-1.7.1-ibm-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-demo-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-devel-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-jdbc-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-plugin-1:1.7.1.1.0-1jpp.2.el7_0
java-1.7.1-ibm-src-1:1.7.1.1.0-1jpp.2.el7_0
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el5
java-1.6.0-ibm-1:1.6.0.16.0-1jpp.1.el6
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el5
java-1.6.0-ibm-devel-1:1.6.0.16.0-1jpp.1.el6

refmap via4

bid	66920
confirm	http://www-01.ibm.com/support/docview.wss?uid=swg21672080 http://www-01.ibm.com/support/docview.wss?uid=swg21676746 http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
debian	DSA-2912
gentoo	GLSA-201406-32 GLSA-201502-12
hp	HPSBUX03091 HPSBUX03092 SSRT101667 SSRT101668
secunia	58415 59058
ubuntu	USN-2187-1 USN-2191-1

Last major update

13-05-2022 - 14:57

Published

16-04-2014 - 01:55

Last modified

13-05-2022 - 14:57