CVE-2014-2421

10 documents7 sources

Severity

10.0CRITICAL

EPSS

5.8%

top 9.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Forms Viewer Juniper Junos Space Canonical Ubuntu Linux +4 more

Timeline

PublishedApr 16

Latest updateMay 10

Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages6 packages

▶NVDoracle/jdk4 versions+3

▶NVDoracle/jre4 versions+3

▶NVDoracle/jrockitr27.8.1, r28.3.1+1

▶NVDibm/forms_viewer4.0.0 — 4.0.0.3+1

▶NVDjuniper/junos_space< 15.1

Also affects: Debian Linux 6.0, 7.0, 8.0, Ubuntu Linux 10.04, 12.04, 12.10, 13.10, 14.04

🔴Vulnerability Details

GHSA

GHSA-xpc4-vv94-q5pm: Unspecified vulnerability in Oracle Java SE 5↗2022-05-10

▶

OSV

openjdk-7 vulnerabilities↗2014-04-30

▶

CVEList

CVE-2014-2421: Unspecified vulnerability in Oracle Java SE 5↗2014-04-16

▶

OSV

CVE-2014-2421: Unspecified vulnerability in Oracle Java SE 5↗2014-04-15

▶

📋Vendor Advisories

Ubuntu

OpenJDK 6 vulnerabilities↗2014-05-01

▶

Ubuntu

OpenJDK 7 vulnerabilities↗2014-04-30

▶

Red Hat

OpenJDK: JPEG decoder input stream handling (2D, 8029854)↗2014-04-15

▶

💬Community

Bugzilla

CVE-2014-2421 OpenJDK: JPEG decoder input stream handling (2D, 8029854)↗2014-04-14

▶

Bugzilla

CVE-2013-2421 OpenJDK: Hotspot MethodHandle lookup error (Hotspot, 8009699)↗2013-04-16

▶