PT-2014-1239 · Oracle+6 · Java Se Embedded+9

Publicado

2014-04-15

·

Atualizado

2024-06-15

·

CVE-2014-2421

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 5.0u61, 6u71, 7u51, and 8 JavaFX version 2.2.51 Java SE Embedded version 7u51
Description The issue affects confidentiality, integrity, and availability via unknown vectors related to 2D. It is associated with subcomponents of the Java Development Kit and Java Runtime Environment, allowing remote attackers to exploit the vulnerability.
Recommendations For Oracle Java SE versions 5.0u61, 6u71, 7u51, and 8, update to a version that is not affected by this issue. For JavaFX version 2.2.51, update to a version that is not affected by this issue. For Java SE Embedded version 7u51, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to the 2D subcomponent until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-461

Identificadores relacionados

BDU:2014-00445
BDU:2014-00446
CESA-2014_0406
CESA-2014_0408
CVE-2014-2421
DSA-2912-1
DSA-2923-1
HPSBUX03091
HPSBUX03092
MGASA-2014-0189
OPENSUSE-SU-2024:10534-1
RHSA-2014:0406
RHSA-2014:0407
RHSA-2014:0408
RHSA-2014:0412
RHSA-2014:0413
RHSA-2014:0414
RHSA-2014:0486
RHSA-2014:0508
RHSA-2014:0509
RHSA-2014:0675
RHSA-2014:0685
RHSA-2014:0705
RHSA-2014:0982
RHSA-2014_0406
RHSA-2014_0407
RHSA-2014_0408
RHSA-2014_0412
RHSA-2014_0413
RHSA-2014_0414
RHSA-2014_0486
RHSA-2014_0508
RHSA-2014_0509
RHSA-2014_0675
RHSA-2014_0685
RHSA-2014_0705
USN-2187-1
USN-2191-1
ZDI-14-102

Produtos afetados

Centos
Hp-Ux
Ibm Aix
Java Platform
Java Se
Java Se Embedded
Javafx
Red Hat
Suse
Ubuntu