CVE-2014-0451
published 2014-04-16CVE-2014-0451: Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| oracle | jdk | — | — |
| oracle | jdk | — | — |
| oracle | jdk | — | — |
| oracle | jdk | — | — |
| oracle | jre | — | — |
| oracle | jre | — | — |
| oracle | jre | — | — |
| oracle | jre | — | — |
CVSS provenance
nvd7.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv10.0CRITICAL
VulDB
Oracle Java SE/Java SE Embedded 5.0u61/6u71/7u51/8 AWT cross site scripting (Nessus ID 73654 / ID 185086)
vuldb·2026-05-10·CVSS 7.5
CVE-2014-0451 [HIGH] Oracle Java SE/Java SE Embedded 5.0u61/6u71/7u51/8 AWT cross site scripting (Nessus ID 73654 / ID 185086)
A vulnerability classified as critical was found in Oracle Java SE and Java SE Embedded 5.0u61/6u71/7u51/8. Affected by this vulnerability is an unknown functionality of the component AWT. The manipulation results in basic cross site scripting.
This vulnerability is identified as CVE-2014-0451. The attack can be executed remotely. There is not any exploit available.
Upgrading the affected component is advised.
GHSA
GHSA-3fv5-2j3p-9qmm: Unspecified vulnerability in Oracle Java SE 5
ghsa_unreviewed·2022-05-10·CVSS 7.5
CVE-2014-0451 [HIGH] GHSA-3fv5-2j3p-9qmm: Unspecified vulnerability in Oracle Java SE 5
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412.
GHSA
GHSA-wf6j-4458-f5r7: Unspecified vulnerability in Oracle Java SE 5
ghsa_unreviewed·2022-05-10·CVSS 7.5
CVE-2014-2412 [HIGH] GHSA-wf6j-4458-f5r7: Unspecified vulnerability in Oracle Java SE 5
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451.
OSV
openjdk-7 vulnerabilities
osv·2014-04-30·CVSS 10.0
CVE-2014-0429 [CRITICAL] openjdk-7 vulnerabilities
openjdk-7 vulnerabilities
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452,
CVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458,
CVE-2014-0461, CVE-2014-2397, CVE-2014-2402, CVE-2014-2412, CVE-2014-2414,
CVE-2014-2421, CVE-2014-2423, CVE-2014-2427)
Two vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure and data integrity. An attacker could exploit these
to expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460)
A vulnerability was discovered in the OpenJDK JRE related to availabi
OSV
CVE-2014-2412: Unspecified vulnerability in Oracle Java SE 5
osv·2014-04-15·CVSS 7.5
CVE-2014-2412 [HIGH] CVE-2014-2412: Unspecified vulnerability in Oracle Java SE 5
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451.
OSV
CVE-2014-0451: Unspecified vulnerability in Oracle Java SE 5
osv·2014-04-15·CVSS 7.5
CVE-2014-0451 [HIGH] CVE-2014-0451: Unspecified vulnerability in Oracle Java SE 5
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412.
Ubuntu
OpenJDK 6 vulnerabilities
vendor_ubuntu·2014-05-01·CVSS 10.0
CVE-2014-0429 [CRITICAL] OpenJDK 6 vulnerabilities
Title: OpenJDK 6 vulnerabilities
Summary: Several security issues were fixed in OpenJDK 6.
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452,
CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0461, CVE-2014-0462,
CVE-2014-2397, CVE-2014-2405, CVE-2014-2412, CVE-2014-2414, CVE-2014-2421,
CVE-2014-2423, CVE-2014-2427)
Two vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure and data integrity. An attacker could exploit these
to expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460)
A vulnerability wa
Ubuntu
OpenJDK 7 vulnerabilities
vendor_ubuntu·2014-04-30·CVSS 10.0
CVE-2014-0429 [CRITICAL] OpenJDK 7 vulnerabilities
Title: OpenJDK 7 vulnerabilities
Summary: Several security issues were fixed in OpenJDK 7.
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452,
CVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458,
CVE-2014-0461, CVE-2014-2397, CVE-2014-2402, CVE-2014-2412, CVE-2014-2414,
CVE-2014-2421, CVE-2014-2423, CVE-2014-2427)
Two vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure and data integrity. An attacker could exploit these
to expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460)
A v
Red Hat
OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)
vendor_redhat·2014-04-15·CVSS 7.5
CVE-2014-0451 [HIGH] OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)
OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-2412.
Package: java-1.7.0-oracle (Red Hat Enterprise Linux 7) - Not affected
Red Hat
OpenJDK: AWT thread context handling (AWT, 8025010)
vendor_redhat·2014-04-15·CVSS 7.5
CVE-2014-2412 [HIGH] OpenJDK: AWT thread context handling (AWT, 8025010)
OpenJDK: AWT thread context handling (AWT, 8025010)
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451.
Package: java-1.7.0-oracle (Red Hat Enterprise Linux 7) - Not affected
No detection rules found.
No public exploits indexed.
http://marc.info/?l=bugtraq&m=140852886808946&w=2http://marc.info/?l=bugtraq&m=140852974709252&w=2http://rhn.redhat.com/errata/RHSA-2014-0675.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0685.htmlhttp://secunia.com/advisories/58415http://security.gentoo.org/glsa/glsa-201406-32.xmlhttp://security.gentoo.org/glsa/glsa-201502-12.xmlhttp://www-01.ibm.com/support/docview.wss?uid=swg21672080http://www.debian.org/security/2014/dsa-2912http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.htmlhttp://www.securityfocus.com/bid/66879http://www.ubuntu.com/usn/USN-2187-1http://www.ubuntu.com/usn/USN-2191-1https://access.redhat.com/errata/RHSA-2014:0413https://access.redhat.com/errata/RHSA-2014:0414http://marc.info/?l=bugtraq&m=140852886808946&w=2http://marc.info/?l=bugtraq&m=140852974709252&w=2http://rhn.redhat.com/errata/RHSA-2014-0675.htmlhttp://rhn.redhat.com/errata/RHSA-2014-0685.htmlhttp://secunia.com/advisories/58415http://security.gentoo.org/glsa/glsa-201406-32.xmlhttp://security.gentoo.org/glsa/glsa-201502-12.xmlhttp://www-01.ibm.com/support/docview.wss?uid=swg21672080http://www.debian.org/security/2014/dsa-2912http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.htmlhttp://www.securityfocus.com/bid/66879http://www.ubuntu.com/usn/USN-2187-1http://www.ubuntu.com/usn/USN-2191-1https://access.redhat.com/errata/RHSA-2014:0413https://access.redhat.com/errata/RHSA-2014:0414
2014-04-16
Published