CVE-2014-4288: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown…

CVE-2014-4288 [HIGH] GHSA-jvx7-35cg-w97r: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via un Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532.

CVE-2014-6493 [HIGH] GHSA-x9c3-pfjg-6f43: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via un Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532.

CVE-2014-6503 [HIGH] GHSA-wqrv-8v5g-pgqj: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via un Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532.

CVE-2014-6532 [HIGH] GHSA-9x5w-fgxg-c345: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via un Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503.

CVE-2014-6532 [HIGH] JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503.

CVE-2014-6493 [HIGH] JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532.

CVE-2014-4288 [HIGH] JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532.

CVE-2014-6503 [HIGH] JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532.

CVE-2014-5033 [HIGH] CWE-362 polkit-qt: insecure calling of polkit polkit-qt: insecure calling of polkit KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions." It was found that polkit-qt handled authorization requests with PolicyKit via a D-Bus API that is vulnerable to a race condition. A local user could use this flaw to bypass intended PolicyKit authorizations.

CVE-2014-6532 [HIGH] CVE-2014-6532: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote a... Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6503. Scope: local sid: resolved

CVE-2014-6493 [HIGH] CVE-2014-6493: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote a... Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6503, and CVE-2014-6532. Scope: local sid: resolved

CVE-2014-6503 [HIGH] CVE-2014-6503: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote a... Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4288, CVE-2014-6493, and CVE-2014-6532. Scope: local sid: resolved

CVE-2014-4288 [HIGH] CVE-2014-4288: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote a... Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2014-6493, CVE-2014-6503, and CVE-2014-6532. Scope: local sid: resolved

CVE-2014-4288 [HIGH] CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) CVE-2014-4288 Oracle JDK: unspecified vulnerability fixed in 6u85, 7u71 and 8u25 (Deployment) Oracle Java SE 6u85, 7u71 and 8u25 fixes an unspecified vulnerability in the Deployment component (CVE-2014-4288). Upstream has CVSSv2 scored this issue as: 7.6/AV:N/AC:H/Au:N/C:C/I:C/A:C External Reference: http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html#AppendixJAVA Discussion: This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 7 Oracle Java for Red Hat Enterprise Linux 6 Oracle Java for Red Hat Enterprise Linux 5 Via RHSA-2014:1658 https://rhn.redhat.com/errata/RHSA-2014-1658.html --- This issue has been addressed in the following products: Oracle Java for Red Hat Enterprise Linux 7 Oracle Java for Red Hat Enterp