CVE-2014-2398

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 16-04-2014 03:55

Last modified: - 13-05-2022 04:57

Total changes: - 5

Description

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:S/C:N/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

3.5

Base score

6.8

2.9

Exploitability score

Impact score

Verification logic

vendor=canonical AND product=ubuntu_linux AND version=13.10

vendor=canonical AND product=ubuntu_linux AND version=12.10

vendor=canonical AND product=ubuntu_linux AND version=14.04 AND software_edition=esm

vendor=canonical AND product=ubuntu_linux AND version=10.04 AND software_edition=-

vendor=canonical AND product=ubuntu_linux AND version=12.04 AND software_edition=-

vendor=oracle AND product=jrockit AND version=r27.8.1

vendor=oracle AND product=jrockit AND version=r28.3.1

vendor=oracle AND product=javafx AND version=2.2.51

vendor=oracle AND product=jdk AND version=1.7.0 AND update=update51

vendor=oracle AND product=jre AND version=1.7.0 AND update=update51

vendor=oracle AND product=jdk AND version=1.8.0 AND update=-

vendor=oracle AND product=jre AND version=1.8.0 AND update=-

vendor=oracle AND product=jdk AND version=1.5.0 AND update=update61

vendor=oracle AND product=jdk AND version=1.6.0 AND update=update71

vendor=oracle AND product=jre AND version=1.5.0 AND update=update61

vendor=oracle AND product=jre AND version=1.6.0 AND update=update71

vendor=Debian AND product=debian_linux AND version=8.0

vendor=Debian AND product=debian_linux AND version=7.0

vendor=Debian AND product=debian_linux AND version=6.0

AND

vendor=ibm AND product=forms_viewer AND versionStartIncluding=8.0.0 AND versionEndExcluding=8.0.1.1

vendor=ibm AND product=forms_viewer AND versionStartIncluding=4.0.0 AND versionEndExcluding=4.0.0.3

vendor=microsoft AND product=windows AND version=-

Reference

http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
DSA-2912-Third Party Advisory
USN-2191-1-Third Party Advisory
58415-Third Party Advisory
USN-2187-1-Third Party Advisory
66920-Third Party Advisory, VDB Entry
http://www-01.ibm.com/support/docview.wss?uid=swg21672080
59058-Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676746
GLSA-201406-32-Third Party Advisory
GLSA-201502-12-Third Party Advisory
SSRT101668-Issue Tracking, Mailing List, Third Party Advisory
SSRT101667-Issue Tracking, Mailing List, Third Party Advisory
RHSA-2014:0685-Third Party Advisory
RHSA-2014:0675-Third Party Advisory
RHSA-2014:0414-Third Party Advisory
RHSA-2014:0413-Third Party Advisory

Keywords

CVE-2014-2398

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2014-2398

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures