Oracle Java SE Multiple Vulnerabilities (October 2014 CPU) (Unix)

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 8 Update 25, 7 Update 71, 6 Update 85, or 5 Update 75. It is, therefore, affected by security issues in the following components : - 2D - AWT - Deployment - Hotspot - JAXP - JSSE - JavaFX -...

JDK: unspecified vulnerability fixed in 7u65 and 8u11 (Deployment)

Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4220...

OpenJDK: insecure subject principals set handling (JAAS, 8024306)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the...

Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 (Jul 2014) - Windows

Oracle Java SE JRE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE JRE Multiple Unspecified Vulnerabilities-03 (Jul 2014) - Linux

Oracle Java SE JRE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Java SE JRE Multiple Unspecified Vulnerabilities-05 (Jul 2014) - Windows

Oracle Java SE JRE is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OpenJDK: Bytecode verification does not prevent ctor calls to this() and super() (Hotspot, 8035119)

Unspecified vulnerability in Oracle Java SE 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot...

CVE-2014-4263

CVE-2014-4263 is an unspecified security vulnerability with partial confidentiality and partial integrity impact (no availability impact) affecting IBM Java SDK/JRE components used in IBM SAN Volume Controller and Storwize family, among others. IBM’s remediation guidance consistently recommends u...

CVE-2014-2490

Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and SE 8u5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot...

CVE-2014-2483

Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is...

CVE-2014-4208

Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4220...

Buffer overflow

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality and integrity via vectors related to JMX...

Design/Logic Flaw

Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-4220...

Design/Logic Flaw

Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is...

CVE-2014-2483

Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is...

CVE-2014-2483

CVE-2014-2483 is an unspecified vulnerability in the Libraries component of Oracle Java SE 7u60 and OpenJDK 7 that allows remote confidentiality, integrity, and availability impact. Connected sources confirm this CVE is part of a broader set of Java 7/OpenJDK issues disclosed in July 2014, with m...

CVE-2014-4216

CVE-2014-4216 is described in the initial document as an unspecified vulnerability in Oracle Java SE affecting the Hotspot component, with potential impact to confidentiality, integrity, and availability. The affected versions listed are Java SE 5.0u65, 6u75, 7u60, and 8u5, and the vectors are no...

CVE-2014-4220

CVE-2014-4220 is an IBM-related vulnerability in the Deployment component of IBM SDK Java Technology Edition (versions affected by Tivoli Storage Productivity Center and related IBM products). Root cause: unspecified issue in Deployment leads to no confidentiality impact, partial integrity impact...

CVE-2014-4223

CVE-2014-4223 is an Oracle/OpenJDK Java SE vulnerability described as a libraries component issue with complete confidentiality, integrity, and availability impact. The IBM Java SDK advisories treating this CVE (and related Java 7 family flaws) list affected products and provide remediation steps...

UBUNTU-CVE-2014-4268

Unspecified vulnerability in Oracle Java SE 5.0u65, 6u75, 7u60, and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Swing...