CVE-2014-2403 - Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows rem

CVE-2014-2403

Summary

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP.

References

Vulnerable Configurations

cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 13-05-2022 - 14:57)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

redhat via4

advisories

rhsa
id RHSA-2014:0413
rhsa
id RHSA-2014:0414
rhsa
id RHSA-2014:0675
rhsa
id RHSA-2014:0685

rpms

java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.1.el6_5
java-1.7.0-openjdk-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.1.el5_10
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.1.el5_10
java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-demo-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-demo-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-devel-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-devel-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-javadoc-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-javadoc-1:1.6.0.0-5.1.13.3.el6_5
java-1.6.0-openjdk-src-1:1.6.0.0-5.1.13.3.el5_10
java-1.6.0-openjdk-src-1:1.6.0.0-5.1.13.3.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-devel-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-javafx-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-jdbc-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-plugin-1:1.7.0.55-1jpp.2.el5_10
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.1.el6_5
java-1.7.0-oracle-src-1:1.7.0.55-1jpp.2.el5_10
java-1.6.0-sun-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-demo-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-demo-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-devel-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-devel-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-jdbc-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-jdbc-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-plugin-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-plugin-1:1.6.0.75-1jpp.3.el5_10
java-1.6.0-sun-src-1:1.6.0.75-1jpp.1.el6_5
java-1.6.0-sun-src-1:1.6.0.75-1jpp.3.el5_10
java-1.7.0-openjdk-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-accessibility-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-debuginfo-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-demo-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-devel-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-headless-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-javadoc-1:1.7.0.55-2.4.7.2.el7_0
java-1.7.0-openjdk-src-1:1.7.0.55-2.4.7.2.el7_0
java-1.6.0-openjdk-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-debuginfo-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-demo-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-devel-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-javadoc-1:1.6.0.0-6.1.13.3.el7_0
java-1.6.0-openjdk-src-1:1.6.0.0-6.1.13.3.el7_0

refmap via4

bid	66918
confirm	http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
debian	DSA-2912
gentoo	GLSA-201406-32 GLSA-201502-12
hp	HPSBUX03091 HPSBUX03092 SSRT101667 SSRT101668
secunia	58415
ubuntu	USN-2187-1 USN-2191-1

Last major update

13-05-2022 - 14:57

Published

16-04-2014 - 01:55

Last modified

13-05-2022 - 14:57