PT-2014-1247 · Oracle+4 · Java Se Embedded+7

Publicado

2014-04-15

·

Atualizado

2022-05-13

·

CVE-2014-2401

CVSS v2.0

5.0

Média

VetorAV:N/AC:L/Au:N/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 5.0u61, 6u71, 7u51, and 8 JavaFX version 2.2.51 Java SE Embedded version 7u51
Description The issue allows remote attackers to affect confidentiality via unknown vectors related to 2D. Exploitation of this issue can allow a remote attacker to compromise the confidentiality, integrity, and availability of data using the 2D subcomponent.
Recommendations For Oracle Java SE versions 5.0u61, 6u71, 7u51, and 8, update to a version that is not affected by this issue. For JavaFX version 2.2.51, update to a version that is not affected by this issue. For Java SE Embedded version 7u51, update to a version that is not affected by this issue. As a temporary workaround, consider restricting the use of the 2D subcomponent until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-461

Identificadores relacionados

BDU:2014-00461
BDU:2014-00462
BDU:2014-00463
BDU:2014-00464
BDU:2014-00465
BDU:2014-00466
BDU:2014-00467
BDU:2014-00468
CVE-2014-2401
HPSBUX03091
HPSBUX03092
RHSA-2014:0412
RHSA-2014:0413
RHSA-2014:0414
RHSA-2014:0486
RHSA-2014:0508
RHSA-2014:0509
RHSA-2014:0705
RHSA-2014:0982
RHSA-2014_0412
RHSA-2014_0413
RHSA-2014_0414
RHSA-2014_0486
RHSA-2014_0508
RHSA-2014_0509
RHSA-2014_0705

Produtos afetados

Hp-Ux
Ibm Aix
Java Platform
Java Se
Java Se Embedded
Javafx
Red Hat
Suse