7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.008 Low
EPSS
Percentile
81.2%
Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8, and
Java SE Embedded 7u51, allows remote attackers to affect confidentiality,
integrity, and availability via unknown vectors related to Sound.
Author | Note |
---|---|
mdeslaur | in lucid+, NetX and the plugin moved to the icedtea-web package |
jdstrand | sun-java6 is not redistributable, no longer in the archive and no longer tracked sun-java5 is EOL upstream and no longer tracked |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | openjdk-6 | < 6b31-1.13.3-1ubuntu1~0.10.04.1 | UNKNOWN |
ubuntu | 12.04 | noarch | openjdk-6 | < 6b31-1.13.3-1ubuntu1~0.12.04.2 | UNKNOWN |
ubuntu | 12.10 | noarch | openjdk-6 | < 6b31-1.13.3-1ubuntu1~0.12.10.1 | UNKNOWN |
ubuntu | 13.10 | noarch | openjdk-6 | < 6b31-1.13.3-1ubuntu1~0.13.10.1 | UNKNOWN |
ubuntu | 12.04 | noarch | openjdk-7 | < 7u55-2.4.7-1ubuntu1~0.12.04.2 | UNKNOWN |
ubuntu | 12.10 | noarch | openjdk-7 | < 7u55-2.4.7-1ubuntu1~0.12.10.1 | UNKNOWN |
ubuntu | 13.10 | noarch | openjdk-7 | < 7u55-2.4.7-1ubuntu1~0.13.10.1 | UNKNOWN |
ubuntu | 14.04 | noarch | openjdk-7 | < 7u55-2.4.7-1ubuntu1 | UNKNOWN |
www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2427
launchpad.net/bugs/cve/CVE-2014-2427
nvd.nist.gov/vuln/detail/CVE-2014-2427
security-tracker.debian.org/tracker/CVE-2014-2427
ubuntu.com/security/notices/USN-2187-1
ubuntu.com/security/notices/USN-2191-1