CVE-2014-2490: Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and…

CVE-2014-2483 [CRITICAL] OpenJDK 7 update Title: OpenJDK 7 update Summary: This update provides stability updates for OpenJDK 7. USN-2319-1 fixed vulnerabilities in OpenJDK 7. This update provides stability fixes for the arm64 and ppc64el architectures. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-4209, CVE-2014-4244, CVE-2014-4263)

[CRITICAL] OpenJDK 7 regression Title: OpenJDK 7 regression Summary: USN-2319-1 introduced a regression in OpenJDK 7. USN-2319-1 fixed vulnerabilities in OpenJDK 7. Due to an upstream regression, verifying of the init method call would fail when it was done from inside a branch when stack frames are activated. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and d

CVE-2014-2483 [CRITICAL] OpenJDK 7 vulnerabilities Title: OpenJDK 7 vulnerabilities Summary: Several security issues were fixed in OpenJDK 7. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-4209, CVE-2014-4244, CVE-2014-4263) Two vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-4218, CVE-2014-4266) A vulnerability was discovered in t

CVE-2014-2490 [CRITICAL] OpenJDK 6 vulnerabilities Title: OpenJDK 6 vulnerabilities Summary: Several security issues were fixed in OpenJDK 6. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-4209, CVE-2014-4244, CVE-2014-4263) Two vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-4218, CVE-2014-4266) Two vulnerabilities were discovered in the OpenJDK JRE related to

CVE-2014-2490 [CRITICAL] CWE-134 OpenJDK: Event logger format string vulnerability (Hotspot, 8037076) OpenJDK: Event logger format string vulnerability (Hotspot, 8037076) Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Package: java-1.6.0-sun (Red Hat Enterprise Linux 5) - Not affected Package: java-1.6.0-sun (Red Hat Enterprise Linux 6) - Not affected Package: java-1.6.0-sun (Red Hat Enterprise Linux 7) - Not affected

CVE-2014-2490 [HIGH] GHSA-5vjw-xx6j-g68j: Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVE-2014-2483 [CRITICAL] openjdk-7 update openjdk-7 update USN-2319-1 fixed vulnerabilities in OpenJDK 7. This update provides stability fixes for the arm64 and ppc64el architectures. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-4209, CVE-2014-4244, CVE-2014-4263) Two vulnerabilities were discovered in the OpenJDK JRE related to data

[CRITICAL] openjdk-7 regression openjdk-7 regression USN-2319-1 fixed vulnerabilities in OpenJDK 7. Due to an upstream regression, verifying of the init method call would fail when it was done from inside a branch when stack frames are activated. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive

CVE-2014-2483 [CRITICAL] openjdk-7 vulnerabilities openjdk-7 vulnerabilities Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-4209, CVE-2014-4244, CVE-2014-4263) Two vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-4218, CVE-2014-4266) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit

CVE-2014-2490 [CRITICAL] CVE-2014-2490: Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVE-2014-2490 [CRITICAL] CVE-2014-2490 OpenJDK: Event logger format string vulnerability (Hotspot, 8037076) CVE-2014-2490 OpenJDK: Event logger format string vulnerability (Hotspot, 8037076) It was discovered that the event logger contains a format string error. An untrusted Java application or applet could possibly use this flaw to cause the Java Virtual Machine to crash, or, potentially, execute arbitrary code with the privileges of the Java Virtual Machine. Discussion: This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0890 https://rhn.redhat.com/errata/RHSA-2014-0890.html --- This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2014:0889 https://rhn.redhat.com/errata/RHSA-2014-0889.html --- Fixed now in Oracle Java SE 5u71, 6.0u81, 7.0u65, and 8.0u11 via Critical Patch Update