CVE-2014-2413 — Oracle JDK vulnerability

8 documents7 sources

Severity

4.3MEDIUMNVD

OSV10.0

EPSS

0.5%

top 35.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canonical Ubuntu Linux Oracle JDK Oracle JRE

Timeline

PublishedApr 16

Latest updateMay 10

Description

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Libraries.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶NVDoracle/jdk1.7.0, 1.8.0+1

▶NVDoracle/jre1.7.0, 1.8.0+1

Also affects: Ubuntu Linux 12.10, 13.10, 14.04

🔴Vulnerability Details

GHSA

GHSA-5w7v-c7hh-c845: Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors rel↗2022-05-10

▶

OSV

openjdk-7 vulnerabilities↗2014-04-30

▶

CVEList

CVE-2014-2413: Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors rel↗2014-04-16

▶

OSV

CVE-2014-2413: Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors rel↗2014-04-15

▶

📋Vendor Advisories

Ubuntu

OpenJDK 7 vulnerabilities↗2014-04-30

▶

Red Hat

OpenJDK: method handle call hierachy bypass (Libraries, 8032686)↗2014-04-15

▶

💬Community

Bugzilla

CVE-2014-2413 OpenJDK: method handle call hierachy bypass (Libraries, 8032686)↗2014-04-14

▶