CVE-2014-2483

Published: Jul 17, 2014Modified: May 6, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-4223. NOTE: the previous information is from the July 2014 CPU. Oracle has not commented on another vendor's claim that the issue is related to improper restriction of the "use of privileged annotations."

Affected (7)

Products: Debian: Debian Linux · Redhat: Enterprise Linux · Oracle: Jdk, Jre, Openjdk

1 product

1 product

Enterprise Linux

3 products

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 7.0
Redhat Enterprise Linux	Version 5
Redhat Enterprise Linux	Version 6.0
Redhat Enterprise Linux	Version 7.0

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Oracle Jdk	Version 1.7.0 update60
Oracle Jre	Version 1.7.0 update60
Oracle Openjdk	Version 1.7.0

References (28)

http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003

Source: secalert_us@oracle.com

ExploitPatch

http://marc.info/?l=bugtraq&m=140852886808946&w=2

Source: secalert_us@oracle.com

http://seclists.org/fulldisclosure/2014/Dec/23

Source: secalert_us@oracle.com

http://secunia.com/advisories/60485

Source: secalert_us@oracle.com

http://secunia.com/advisories/60812

Source: secalert_us@oracle.com

http://security.gentoo.org/glsa/glsa-201502-12.xml

Source: secalert_us@oracle.com

http://www.debian.org/security/2014/dsa-2987

Source: secalert_us@oracle.com

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: secalert_us@oracle.com

Vendor Advisory

http://www.securityfocus.com/archive/1/534161/100/0/threaded

Source: secalert_us@oracle.com

http://www.securityfocus.com/bid/68608

Source: secalert_us@oracle.com

http://www.securitytracker.com/id/1030577

Source: secalert_us@oracle.com

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: secalert_us@oracle.com

https://access.redhat.com/errata/RHSA-2014:0902

Source: secalert_us@oracle.com

https://bugzilla.redhat.com/show_bug.cgi?id=1119626

Source: secalert_us@oracle.com

http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/848481af9003

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatch

http://marc.info/?l=bugtraq&m=140852886808946&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2014/Dec/23

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/60485

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/60812

Source: af854a3a-2127-422b-91ae-364da2661108

http://security.gentoo.org/glsa/glsa-201502-12.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2014/dsa-2987

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/archive/1/534161/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/68608

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1030577

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://access.redhat.com/errata/RHSA-2014:0902

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=1119626

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.