CVE-2014-6513: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and…

CVE-2014-6513 [MEDIUM] OpenJDK 7 vulnerabilities Title: OpenJDK 7 vulnerabilities Summary: Several security issues were fixed in OpenJDK 7. USN-2388-1 fixed vulnerabilities in OpenJDK 7 for Ubuntu 14.04 LTS. This update provides the corresponding updates for Ubuntu 14.10. Original advisory details: A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6457) Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-6502, CVE-2014-6512, CVE-2014-6519, CVE-2014-6527, CVE-2014-6558) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6504, CV

CVE-2014-6457 [MEDIUM] OpenJDK 7 vulnerabilities Title: OpenJDK 7 vulnerabilities Summary: Several security issues were fixed in OpenJDK 7. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6457) Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-6502, CVE-2014-6512, CVE-2014-6519, CVE-2014-6527, CVE-2014-6558) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6504, CVE-2014-6511, CVE-2014-6517, CVE-2014-6531) Two vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availabil

CVE-2014-6457 [MEDIUM] OpenJDK 6 vulnerabilities Title: OpenJDK 6 vulnerabilities Summary: Several security issues were fixed in OpenJDK 6. A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6457) Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-6502, CVE-2014-6512, CVE-2014-6519, CVE-2014-6558) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6504, CVE-2014-6511, CVE-2014-6517, CVE-2014-6531) Two vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacke

CVE-2014-6513 [CRITICAL] OpenJDK: splash image handling memory corruption (AWT, 8042609) OpenJDK: splash image handling memory corruption (AWT, 8042609) Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. Statement: Not vulnerable. This issue did not affect the versions of OpenJDK as shipped with Red Hat Enterprise Linux. Package: java-1.6.0-ibm (Red Hat Enterprise Linux 5) - Not affected Package: java-1.6.0-openjdk (Red Hat Enterprise Linux 5) - Not affected Package: java-1.6.0-sun (Red Hat Enterprise Linux 5) - Not affected Package: java-1.7.0-ibm (Red Hat Enterprise Linux 5) - Not affected Package: java-1.7.0-openjdk (Red Hat Enterprise Linux 5) - Not affected Package: java-1.7.0-oracle (Red Hat Enterprise Linux 5) - Not

CVE-2014-6513 [CRITICAL] CVE-2014-6513: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Em... Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. Scope: local sid: resolved

CVE-2014-6513 [HIGH] GHSA-h75v-f2c8-xr3q: Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integr Unspecified vulnerability in Oracle Java SE 6u81, 7u67, and 8u20, and Java SE Embedded 7u60, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.

CVE-2014-6457 [MEDIUM] openjdk-7 vulnerabilities openjdk-7 vulnerabilities A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6457) Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-6502, CVE-2014-6512, CVE-2014-6519, CVE-2014-6527, CVE-2014-6558) Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure. An attacker could exploit these to expose sensitive data over the network. (CVE-2014-6504, CVE-2014-6511, CVE-2014-6517, CVE-2014-6531) Two vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service

CVE-2014-6513 [CRITICAL] CVE-2014-6513 OpenJDK: splash image handling memory corruption (AWT, 8042609) CVE-2014-6513 OpenJDK: splash image handling memory corruption (AWT, 8042609) A flaw was found in the way the AWT component of OpenJDK handled splash screen images. A specially crafted image could possibly cause JVM memory corruption. A malicious Java application or applet could use this flaw to execute arbitrary code with JVM privileges, bypassing Java sandbox restrictions. This issue affected native code for Windows platform. Linux builds of OpenJDK do not use the affected code and are unaffected by this issue. Discussion: Statement: Not vulnerable. This issue did not affect the versions of OpenJDK as shipped with Red Hat Enterprise Linux. --- Public now via Oracle Critical Patch Update - October 2014. Fixed in Oracle Java SE 6u85, 7u71, and 8u25. External References: http://www