7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.3%
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, SE 7u51, and 8,
and Java SE Embedded 7u51, allows remote attackers to affect
confidentiality, integrity, and availability via vectors related to AWT, a
different vulnerability than CVE-2014-0451.
Author | Note |
---|---|
mdeslaur | in lucid+, NetX and the plugin moved to the icedtea-web package |
jdstrand | sun-java6 is not redistributable, no longer in the archive and no longer tracked sun-java5 is EOL upstream and no longer tracked |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | openjdk-6 | < 6b31-1.13.3-1ubuntu1~0.10.04.1 | UNKNOWN |
ubuntu | 12.04 | noarch | openjdk-6 | < 6b31-1.13.3-1ubuntu1~0.12.04.2 | UNKNOWN |
ubuntu | 12.10 | noarch | openjdk-6 | < 6b31-1.13.3-1ubuntu1~0.12.10.1 | UNKNOWN |
ubuntu | 13.10 | noarch | openjdk-6 | < 6b31-1.13.3-1ubuntu1~0.13.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | openjdk-7 | < 7u55-2.4.7-1ubuntu1~0.12.04.2 | UNKNOWN |
ubuntu | 12.10 | noarch | openjdk-7 | < 7u55-2.4.7-1ubuntu1~0.12.10.1 | UNKNOWN |
ubuntu | 13.10 | noarch | openjdk-7 | < 7u55-2.4.7-1ubuntu1~0.13.10.1 | UNKNOWN |
ubuntu | 14.04 | noarch | openjdk-7 | < 7u55-2.4.7-1ubuntu1 | UNKNOWN |
www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
launchpad.net/bugs/cve/CVE-2014-2412
nvd.nist.gov/vuln/detail/CVE-2014-2412
security-tracker.debian.org/tracker/CVE-2014-2412
ubuntu.com/security/notices/USN-2187-1
ubuntu.com/security/notices/USN-2191-1
www.cve.org/CVERecord?id=CVE-2014-2412