CVE-2014-2413: Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to…

CVE-2014-0429 [CRITICAL] OpenJDK 7 vulnerabilities Title: OpenJDK 7 vulnerabilities Summary: Several security issues were fixed in OpenJDK 7. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452, CVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0461, CVE-2014-2397, CVE-2014-2402, CVE-2014-2412, CVE-2014-2414, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427) Two vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460) A v

CVE-2014-2413 [MEDIUM] OpenJDK: method handle call hierachy bypass (Libraries, 8032686) OpenJDK: method handle call hierachy bypass (Libraries, 8032686) Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Libraries. Package: java-1.5.0-ibm (Red Hat Enterprise Linux 5) - Not affected Package: java-1.6.0-ibm (Red Hat Enterprise Linux 5) - Not affected Package: java-1.6.0-openjdk (Red Hat Enterprise Linux 5) - Not affected Package: java-1.7.0-ibm (Red Hat Enterprise Linux 5) - Not affected Package: java-1.5.0-ibm (Red Hat Enterprise Linux 6) - Not affected Package: java-1.6.0-ibm (Red Hat Enterprise Linux 6) - Not affected Package: java-1.6.0-openjdk (Red Hat Enterprise Linux 6) - Not affected Package: java-1.7.0-ibm (Red Hat Enterprise Linux 6) - Not affected Pack

CVE-2014-2413 [MEDIUM] Oracle Java SE/Java SE Embedded 7u51/8 Library cross site scripting (Nessus ID 73655 / ID 350404) A vulnerability was found in Oracle Java SE and Java SE Embedded 7u51/8. It has been declared as problematic. This impacts an unknown function of the component Library Handler. Such manipulation leads to basic cross site scripting. This vulnerability is documented as CVE-2014-2413. The attack can be executed remotely. There is not any exploit available. It is recommended to upgrade the affected component.

CVE-2014-2413 [MEDIUM] GHSA-5w7v-c7hh-c845: Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors rel Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Libraries.

CVE-2014-0429 [CRITICAL] openjdk-7 vulnerabilities openjdk-7 vulnerabilities Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452, CVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0461, CVE-2014-2397, CVE-2014-2402, CVE-2014-2412, CVE-2014-2414, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427) Two vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-0453, CVE-2014-0460) A vulnerability was discovered in the OpenJDK JRE related to availabi

CVE-2014-2413 [MEDIUM] CVE-2014-2413: Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors rel Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect integrity via unknown vectors related to Libraries.

CVE-2014-2413 [MEDIUM] CVE-2014-2413 OpenJDK: method handle call hierachy bypass (Libraries, 8032686) CVE-2014-2413 OpenJDK: method handle call hierachy bypass (Libraries, 8032686) It was discovered that direct method handles are not properly protected against a certain use case. An untrusted Java application or applet could possibly use this flaw to bypass call hierachies. Discussion: Fixed now in Oracle Java SE 7u55 and 8u5 via Oracle Critical Patch Update Advisory - April 2014. Fixed in IcedTea7 2.4.7: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2014-April/027222.html External References: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA --- This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0407 https://rhn.redhat.com/errata/RHSA-2014-0407.html --- This issue has been addressed in fol