PT-2014-1265 · Oracle+5 · Java Development Kit+9

Published

2014-04-15

·

Updated

2024-06-15

·

CVE-2014-2397

CVSS v2.0

9.3

High

VectorAV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Java Development Kit versions prior to the fixed version Java Runtime Environment versions prior to the fixed version Oracle Java SE versions 7u51 and 8 Java SE Embedded version 7u51
Description The issue is related to the Hotspot component, allowing a remote attacker to compromise the confidentiality, integrity, and availability of data. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the use of unknown vectors related to the Hotspot component.
Recommendations For Java Development Kit, update to a version that includes the fix for this issue. For Java Runtime Environment, update to a version that includes the fix for this issue. For Oracle Java SE versions 7u51 and 8, update to a version that includes the fix for this issue. For Java SE Embedded version 7u51, update to a version that includes the fix for this issue. As a temporary workaround, consider disabling the Hotspot component until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-461

Related Identifiers

BDU:2015-00014
BDU:2015-00015
CESA-2014_0406
CESA-2014_0408
CVE-2014-2397
DSA-2912-1
DSA-2923-1
HPSBUX03091
MGASA-2014-0189
OPENSUSE-SU-2024:10534-1
RHSA-2014:0406
RHSA-2014:0407
RHSA-2014:0408
RHSA-2014:0412
RHSA-2014:0413
RHSA-2014:0675
RHSA-2014:0685
RHSA-2014_0406
RHSA-2014_0407
RHSA-2014_0408
RHSA-2014_0412
RHSA-2014_0413
RHSA-2014_0675
RHSA-2014_0685
USN-2187-1
USN-2191-1

Affected Products

Centos
Hp-Ux
Java Development Kit
Java Platform
Java Runtime Environment
Java Se
Java Se Embedded
Red Hat
Suse
Ubuntu