CVE-2014-4268Oracle JDK vulnerability

13 documents7 sources
Severity
5.0MEDIUMNVD
OSV9.3
EPSS
3.8%
top 11.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle JDKOracle JRE
Timeline
PublishedJul 17
Latest updateMay 13

Description

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDoracle/jdk4 versions+3
NVDoracle/jre4 versions+3

🔴Vulnerability Details

6
GHSA
GHSA-p388-pw52-w2mq: Unspecified vulnerability in Oracle Java SE 52022-05-13
OSV
openjdk-7 update2014-09-17
OSV
openjdk-7 regression2014-08-26
OSV
openjdk-7 vulnerabilities2014-08-20
CVEList
CVE-2014-4268: Unspecified vulnerability in Oracle Java SE 52014-07-17

📋Vendor Advisories

5
Ubuntu
OpenJDK 7 update2014-09-17
Ubuntu
OpenJDK 7 regression2014-08-26
Ubuntu
OpenJDK 7 vulnerabilities2014-08-20
Ubuntu
OpenJDK 6 vulnerabilities2014-08-12
Red Hat
OpenJDK: Missing file choser access restrictions (Swing, 8035699)2014-07-15

💬Community

1
Bugzilla
CVE-2014-4268 OpenJDK: Missing file choser access restrictions (Swing, 8035699)2014-07-15
CVE-2014-4268 — Oracle JDK vulnerability | cvebase