You are here

CVE-2014-0457

Vincent (CVE) Danen's picture
Unspecified vulnerability in Oracle Java SE 5.0u61, SE 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.

Details Source

Mitre

Public Date

2014-04-15 00:00:00

Impact

Critical

Bugzilla

CVE-2014-0457 OpenJDK: ServiceLoader Exception handling security bypass (Libraries, 8031394)

Bugzilla ID

1 087 411

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

External References

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA

Red Hat Security Errata

Platform Errata Release Date
Red Hat Satellite 5.6 (RHEL v.5) (java-1.6.0-ibm) RHSA-2014:0982 2014-07-29
Red Hat Satellite 5.5 (RHEL v.6) (java-1.6.0-ibm) RHSA-2014:0982 2014-07-29
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.6.0-ibm) RHSA-2014:0508 2014-05-15
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.5.0-ibm) RHSA-2014:0509 2014-05-15
Oracle Java for Red Hat Enterprise Linux 6 (java-1.6.0-sun) RHSA-2014:0414 2014-04-17
Red Hat Enterprise Linux Supplementary 5 (java-1.7.0-oracle) RHSA-2014:0412 2014-04-17
Red Hat Enterprise Linux 7 (java-1.7.0-openjdk) RHSA-2014:0675 2014-06-10
Oracle Java for Red Hat Enterprise Linux 5 (java-1.7.0-oracle) RHSA-2014:0413 2014-04-17
Oracle Java for Red Hat Enterprise Linux 5 (java-1.6.0-sun) RHSA-2014:0414 2014-04-17
Red Hat Enterprise Linux 6 (java-1.6.0-openjdk) RHSA-2014:0408 2014-04-16
Red Hat Enterprise Linux 6 (java-1.7.0-openjdk) RHSA-2014:0406 2014-04-16
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.7.0-ibm) RHSA-2014:0486 2014-05-13
Red Hat Enterprise Linux Supplementary (v. 7) (java-1.7.1-ibm) RHSA-2014:0705 2014-06-10
Red Hat Enterprise Linux Supplementary 5 (java-1.5.0-ibm) RHSA-2014:0509 2014-05-15
Red Hat Enterprise Linux Supplementary 5 (java-1.6.0-ibm) RHSA-2014:0508 2014-05-15
Red Hat Enterprise Linux 7 (java-1.6.0-openjdk) RHSA-2014:0685 2014-06-10
Red Hat Enterprise Linux Supplementary (v. 6) (java-1.7.0-oracle) RHSA-2014:0412 2014-04-17
Red Hat Enterprise Linux 5 (java-1.6.0-openjdk) RHSA-2014:0408 2014-04-16
Red Hat Enterprise Linux 5 (java-1.7.0-openjdk) RHSA-2014:0407 2014-04-16
Red Hat Satellite 5.6 (RHEL v.6) (java-1.6.0-ibm) RHSA-2014:0982 2014-07-29
Red Hat Satellite 5.5 (RHEL v.5) (java-1.6.0-ibm) RHSA-2014:0982 2014-07-29
Oracle Java for Red Hat Enterprise Linux 6 (java-1.7.0-oracle) RHSA-2014:0413 2014-04-17
Red Hat Enterprise Linux Supplementary 5 (java-1.7.0-ibm) RHSA-2014:0486 2014-05-13
Red Hat Satellite 5.4 (RHEL v.6) (java-1.6.0-ibm) RHSA-2014:0982 2014-07-29
Red Hat Satellite 5.4 (RHEL v.5) (java-1.6.0-ibm) RHSA-2014:0982 2014-07-29

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 7 java-1.7.0-oracle Affected