CVE-2014-2490

2014-07-1700:00:00

ubuntu.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.02 Low

EPSS

Percentile

88.9%

JSON

Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60
and SE 8u5 allows remote attackers to affect confidentiality, integrity,
and availability via unknown vectors related to Hotspot.

Notes

Author	Note
mdeslaur	in lucid+, NetX and the plugin moved to the icedtea-web package
jdstrand	sun-java6 is not redistributable, no longer in the archive and no longer tracked sun-java5 is EOL upstream and no longer tracked

OSVersionArchitecturePackageVersionFilename
ubuntu10.04noarchopenjdk-6< 6b32-1.13.4-1ubuntu1~0.10.04.1UNKNOWN
ubuntu12.04noarchopenjdk-6< 6b32-1.13.4-1ubuntu1~0.12.04.1UNKNOWN
ubuntu14.04noarchopenjdk-6< 6b32-1.13.4-4ubuntu0.14.04.1UNKNOWN
ubuntu12.04noarchopenjdk-7< 7u65-2.5.1-4ubuntu1~0.12.04.1UNKNOWN
ubuntu14.04noarchopenjdk-7< 7u65-2.5.1-1ubuntu1~0.14.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.04	noarch	openjdk-6	< 6b32-1.13.4-1ubuntu1~0.10.04.1	UNKNOWN
ubuntu	12.04	noarch	openjdk-6	< 6b32-1.13.4-1ubuntu1~0.12.04.1	UNKNOWN
ubuntu	14.04	noarch	openjdk-6	< 6b32-1.13.4-4ubuntu0.14.04.1	UNKNOWN
ubuntu	12.04	noarch	openjdk-7	< 7u65-2.5.1-4ubuntu1~0.12.04.1	UNKNOWN
ubuntu	14.04	noarch	openjdk-7	< 7u65-2.5.1-1ubuntu1~0.14.04.1	UNKNOWN