Skip to main content

Ubuntu CVE-2014-2405

CRITICAL
2014-05-14 secalert_us@oracle.com
10.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
10.0 CRITICAL
AV:N/AC:L/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:C/I:C/A:C
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
May 14, 2014 - 00:55 cve.org
CRITICAL 10.0

DescriptionCVE.org

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462.

AnalysisAI

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-0462. Affected products include: Oracle Openjdk. Version information: before 6.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2013-2461 HIGH
7.5 Jun 18

Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier and

CVE-2014-2483 CRITICAL POC
9.3 Jul 17

Unspecified vulnerability in the Java SE component in Oracle Java SE Java SE 7u60 and OpenJDK 7 allows remote attackers

CVE-2022-34169 HIGH POC
7.5 Jul 19

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT styleshee

CVE-2014-8873 CRITICAL
10.0 Nov 09

A .desktop file in the Debian openjdk-7 package 7u79-2.5.5-1~deb8u1 includes a MIME type registration that is added to /

CVE-2014-0462 CRITICAL
10.0 May 14

Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown im

CVE-2012-2739 MEDIUM POC
5.0 Nov 28

Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without

CVE-2021-3517 HIGH
8.6 May 19

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. Rated high severity (CVSS

CVE-2020-14583 HIGH
8.3 Jul 15

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CV

CVE-2020-2805 HIGH
8.3 Apr 15

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CV

CVE-2020-2803 HIGH
8.3 Apr 15

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Rated high severity (CV

CVE-2020-2604 HIGH
8.1 Jan 15

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Rated high severity

CVE-2021-20264 HIGH
7.8 Oct 06

An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. Rated high

Share

CVE-2014-2405 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy