You are here

CVE-2014-4223

Vincent (CVE) Danen's picture
Unspecified vulnerability in Oracle Java SE 7u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-2483.

Details Source

Mitre

Public Date

2014-07-15 00:00:00

Impact

Critical

Bugzilla

CVE-2014-4223 OpenJDK: Incorrect handling of invocations with exhausted ranks (Libraries, 8035793)

Bugzilla ID

1 119 602

CVSS Status

verified

Base Score

6.80

Base Metrics

AV:N/AC:M/Au:N/C:P/I:P/A:P

External References

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixJAVA

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (java-1.7.0-openjdk) RHSA-2014:0889 2014-07-16
Red Hat Enterprise Linux 5 (java-1.7.0-openjdk) RHSA-2014:0890 2014-07-16
Red Hat Enterprise Linux 7 (java-1.7.0-openjdk) RHSA-2014:0889 2014-07-16
Oracle Java for Red Hat Enterprise Linux 6 (java-1.7.0-oracle) RHSA-2014:0902 2014-07-18
Oracle Java for Red Hat Enterprise Linux 7 (java-1.7.0-oracle) RHSA-2014:0902 2014-07-18
Oracle Java for Red Hat Enterprise Linux 5 (java-1.7.0-oracle) RHSA-2014:0902 2014-07-18

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 7 java-1.6.0-openjdk Not affected
Red Hat Enterprise Linux 7 java-1.6.0-sun Not affected
Red Hat Enterprise Linux 6 java-1.6.0-openjdk Not affected
Red Hat Enterprise Linux 6 java-1.6.0-sun Not affected
Red Hat Enterprise Linux 5 java-1.6.0-sun Not affected
Red Hat Enterprise Linux 5 java-1.6.0-openjdk Not affected