CVE-2014-2412Oracle JDK vulnerability

14 documents7 sources
Severity
7.5HIGHNVD
OSV10.0
EPSS
4.3%
top 11.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Canonical Ubuntu LinuxDebian LinuxOracle JDK+1 more
Timeline
PublishedApr 16
Latest updateMay 10

Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT, a different vulnerability than CVE-2014-0451.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDoracle/jdk4 versions+3
NVDoracle/jre4 versions+3

Also affects: Debian Linux 6.0, 7.0, 8.0, Ubuntu Linux 10.04, 12.04, 12.10, 13.10, 14.04

🔴Vulnerability Details

7
GHSA
GHSA-3fv5-2j3p-9qmm: Unspecified vulnerability in Oracle Java SE 52022-05-10
GHSA
GHSA-wf6j-4458-f5r7: Unspecified vulnerability in Oracle Java SE 52022-05-10
OSV
openjdk-7 vulnerabilities2014-04-30
CVEList
CVE-2014-0451: Unspecified vulnerability in Oracle Java SE 52014-04-16
CVEList
CVE-2014-2412: Unspecified vulnerability in Oracle Java SE 52014-04-16

📋Vendor Advisories

4
Ubuntu
OpenJDK 6 vulnerabilities2014-05-01
Ubuntu
OpenJDK 7 vulnerabilities2014-04-30
Red Hat
OpenJDK: AWT incorrect FlavorMap seperation (AWT, 8026797)2014-04-15
Red Hat
OpenJDK: AWT thread context handling (AWT, 8025010)2014-04-15

💬Community

1
Bugzilla
CVE-2014-2412 OpenJDK: AWT thread context handling (AWT, 8025010)2014-04-14
CVE-2014-2412 — Oracle JDK vulnerability | cvebase