CVE-2014-4218: Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.

CVE-2014-2483 [CRITICAL] OpenJDK 7 update Title: OpenJDK 7 update Summary: This update provides stability updates for OpenJDK 7. USN-2319-1 fixed vulnerabilities in OpenJDK 7. This update provides stability fixes for the arm64 and ppc64el architectures. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-4209, CVE-2014-4244, CVE-2014-4263)

[CRITICAL] OpenJDK 7 regression Title: OpenJDK 7 regression Summary: USN-2319-1 introduced a regression in OpenJDK 7. USN-2319-1 fixed vulnerabilities in OpenJDK 7. Due to an upstream regression, verifying of the init method call would fail when it was done from inside a branch when stack frames are activated. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and d

CVE-2014-2483 [CRITICAL] OpenJDK 7 vulnerabilities Title: OpenJDK 7 vulnerabilities Summary: Several security issues were fixed in OpenJDK 7. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-4209, CVE-2014-4244, CVE-2014-4263) Two vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-4218, CVE-2014-4266) A vulnerability was discovered in t

CVE-2014-2490 [CRITICAL] OpenJDK 6 vulnerabilities Title: OpenJDK 6 vulnerabilities Summary: Several security issues were fixed in OpenJDK 6. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-4209, CVE-2014-4244, CVE-2014-4263) Two vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-4218, CVE-2014-4266) Two vulnerabilities were discovered in the OpenJDK JRE related to

CVE-2014-4218 [MEDIUM] OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009) OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009) Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.

CVE-2014-4218 [MEDIUM] GHSA-7qv6-5jq4-2xp7: Unspecified vulnerability in Oracle Java SE 5 Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.

CVE-2014-2483 [CRITICAL] openjdk-7 update openjdk-7 update USN-2319-1 fixed vulnerabilities in OpenJDK 7. This update provides stability fixes for the arm64 and ppc64el architectures. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-4209, CVE-2014-4244, CVE-2014-4263) Two vulnerabilities were discovered in the OpenJDK JRE related to data

[CRITICAL] openjdk-7 regression openjdk-7 regression USN-2319-1 fixed vulnerabilities in OpenJDK 7. Due to an upstream regression, verifying of the init method call would fail when it was done from inside a branch when stack frames are activated. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive

CVE-2014-2483 [CRITICAL] openjdk-7 vulnerabilities openjdk-7 vulnerabilities Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-2483, CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4223, CVE-2014-4262) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-4209, CVE-2014-4244, CVE-2014-4263) Two vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-4218, CVE-2014-4266) A vulnerability was discovered in the OpenJDK JRE related to availability. An attacker could exploit

CVE-2014-4218 [MEDIUM] CVE-2014-4218: Unspecified vulnerability in Oracle Java SE 5 Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect integrity via unknown vectors related to Libraries.

CVE-2014-4218 [MEDIUM] CVE-2014-4218 OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009) CVE-2014-4218 OpenJDK: Clone interfaces passed to proxy methods (Libraries, 8035009) It was discovered that the Libraries component did not properly clone the interface array before passing it to proxy methods. An untrusted Java application or applet could possibly use this flaw to bypass intended security restrictions. Discussion: This issue has been addressed in following products: Red Hat Enterprise Linux 5 Via RHSA-2014:0890 https://rhn.redhat.com/errata/RHSA-2014-0890.html --- This issue has been addressed in following products: Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Via RHSA-2014:0889 https://rhn.redhat.com/errata/RHSA-2014-0889.html --- Fixed now in Oracle Java SE 5u71, 6.0u81, 7.0u65, and 8.0u11 via Critical Patch Update July 2014. Fixed in IcedTea 1.13.4