CVE-2014-0408: Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to affect confidentiality, integrity, and availability via…

CVE-2013-5817 [MEDIUM] OpenJDK 7 vulnerabilities Title: OpenJDK 7 vulnerabilities Summary: Several security issues were fixed in OpenJDK 7. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-3829, CVE-2013-5783, CVE-2013-5804, CVE-2014-0411) Several vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial of service. (CVE-2013-4002, CVE-2013-5803, CVE-2013-5823, CVE-2013-5825, CVE-2013-5896, CVE-2013-5910) Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2013-5772, CVE-2013-5774, CVE-2013-5784, CVE-2013-5797, CVE-2013-5820, CVE-2014-0376, CVE-2014-0416) Several vulnerabilities we

CVE-2014-0408 [CRITICAL] OpenJDK: JObjC code issues (Hotspot, 8021266) OpenJDK: JObjC code issues (Hotspot, 8021266) Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Statement: Not vulnerable. This issue did not affect the versions of OpenJDK and Oracle JDK as shipped with Red Hat Enterprise Linux 5 and 6. Package: java-1.6.0-openjdk (Red Hat Enterprise Linux 5) - Not affected Package: java-1.7.0-openjdk (Red Hat Enterprise Linux 5) - Not affected Package: java-1.7.0-oracle (Red Hat Enterprise Linux 5) - Not affected Package: java-1.6.0-openjdk (Red Hat Enterprise Linux 6) - Not affected Package: java-1.7.0-openjdk (Red Hat Enterprise Linux 6) - Not affected Package: java-1.7.0-oracle (Red Hat Enterprise Linux 6

CVE-2014-0408 [HIGH] GHSA-jhmh-wxf9-fc28: Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to affect confidentiality, integrity, and availability Unspecified vulnerability in Oracle Java SE 7u45, when running on OS X, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVE-2014-3566 openjdk-7 vulnerabilities openjdk-7 vulnerabilities Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395, CVE-2015-0408, CVE-2015-0412) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400, CVE-2015-0407) A vulnerability was discovered in the OpenJDK JRE related to information disclosure and integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6593) A vulnerability was discovere

CVE-2014-0408 [CRITICAL] CVE-2014-0408 OpenJDK: JObjC code issues (Hotspot, 8021266) CVE-2014-0408 OpenJDK: JObjC code issues (Hotspot, 8021266) An unspecified issue related to ObjC code was discovered in the Hotspot component of OpenJDK when use on the Apple MacOS X platform. An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions. This issue was platform specific and did not affect Linux OpenJDK packages. Statement: Not vulnerable. This issue did not affect the versions of OpenJDK and Oracle JDK as shipped with Red Hat Enterprise Linux 5 and 6. Discussion: Public now via Oracle CPU January 2014. Fixed in Oracle JDK 7u51. External References: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html