CVE-2014-2483

Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
oracleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
VendorProductVersion
debiandebian_linux
7.0
redhatenterprise_linux
6.0
redhatenterprise_linux
7.0
oraclejdk
1.7.0
oraclejre
1.7.0
oracleopenjdk
1.7.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openjdk-6
trusty
Fixed 6b32-1.13.4-1ubuntu1~0.14.04.1
released
precise
Fixed 6b32-1.13.4-1ubuntu1~0.12.04.1
released
lucid
Fixed 6b32-1.13.4-1ubuntu1~0.10.04.1
released
openjdk-7
trusty
Fixed 7u65-2.5.1-1ubuntu1~0.14.04.1
released
precise
Fixed 7u65-2.5.1-4ubuntu1~0.12.04.1
released
lucid
dne
References
http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://seclists.org/fulldisclosure/2014/Dec/23
http://secunia.com/advisories/60485
http://secunia.com/advisories/60812
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www.debian.org/security/2014/dsa-2987
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.securityfocus.com/bid/68608
http://www.securitytracker.com/id/1030577
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
https://access.redhat.com/errata/RHSA-2014:0902
https://bugzilla.redhat.com/show_bug.cgi?id=1119626
http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://marc.info/?l=bugtraq&m=140852886808946&w=2
http://seclists.org/fulldisclosure/2014/Dec/23
http://secunia.com/advisories/60485
http://secunia.com/advisories/60812
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www.debian.org/security/2014/dsa-2987
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
http://www.securityfocus.com/archive/1/534161/100/0/threaded
http://www.securityfocus.com/bid/68608
http://www.securitytracker.com/id/1030577
http://www.vmware.com/security/advisories/VMSA-2014-0012.html
https://access.redhat.com/errata/RHSA-2014:0902
https://bugzilla.redhat.com/show_bug.cgi?id=1119626