Ubuntu.comUB:CVE-2014-2483CVE-2014-2483
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.027 Low
EPSS
Percentile
90.4%
Unspecified vulnerability in the Java SE component in Oracle Java SE Java
SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality,
integrity, and availability via unknown vectors related to Libraries, a
different vulnerability than CVE-2014-4223. NOTE: the previous information
is from the July 2014 CPU. Oracle has not commented on another vendor’s
claim that the issue is related to improper restriction of the “use of
privileged annotations.”
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 10.04 | noarch | openjdk-6 | < 6b32-1.13.4-1ubuntu1~0.10.04.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | openjdk-6 | < 6b32-1.13.4-1ubuntu1~0.12.04.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | openjdk-6 | < 6b32-1.13.4-1ubuntu1~0.14.04.1 | UNKNOWN |
| ubuntu | 12.04 | noarch | openjdk-7 | < 7u65-2.5.1-4ubuntu1~0.12.04.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | openjdk-7 | < 7u65-2.5.1-1ubuntu1~0.14.04.1 | UNKNOWN |
References
hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003
www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
bugzilla.redhat.com/show_bug.cgi?id=1119626
launchpad.net/bugs/cve/CVE-2014-2483
nvd.nist.gov/vuln/detail/CVE-2014-2483
security-tracker.debian.org/tracker/CVE-2014-2483
ubuntu.com/security/notices/USN-2319-1
www.cve.org/CVERecord?id=CVE-2014-2483
Related
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.027 Low
EPSS
Percentile
90.4%