PT-2014-1260 · Oracle+4 · Java Development Kit+6

Published

2014-01-15

Updated

2022-05-13

CVE-2014-0403

CVSS v2.0

5.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions Java Runtime Environment (affected versions not specified) Java Development Kit (affected versions not specified)

Description The issue is related to a component of the Java platform, specifically the Deployment component. It allows a remote attacker to compromise the confidentiality and integrity of data.

Recommendations For Java Runtime Environment, consider disabling the Deployment component as a temporary workaround until a patch is available. For Java Development Kit, restrict access to the Deployment component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-461

Related Identifiers

BDU:2015-00004

BDU:2015-00005

CVE-2014-0403

HPSBUX02972

HPSBUX02973

RHSA-2014:0030

RHSA-2014:0134

RHSA-2014:0135

RHSA-2014:0414

RHSA-2014:0705

RHSA-2014:0982

RHSA-2014_0030

RHSA-2014_0134

RHSA-2014_0135

RHSA-2014_0414

RHSA-2014_0705

Affected Products

Hp-Ux

Ibm Aix

Java Development Kit

Java Platform

Java Runtime Environment

Red Hat

Suse

PT-2014-1260 · Oracle+4 · Java Development Kit+6

CVE-2014-0403

Weakness Enumeration

Related Identifiers

Affected Products

References · 318