CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
89.0%
Unspecified vulnerability in the Java SE component in Oracle Java SE 7u60
and SE 8u5 allows remote attackers to affect confidentiality, integrity,
and availability via unknown vectors related to Hotspot.
Author | Note |
---|---|
mdeslaur | in lucid+, NetX and the plugin moved to the icedtea-web package |
jdstrand | sun-java6 is not redistributable, no longer in the archive and no longer tracked sun-java5 is EOL upstream and no longer tracked |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 10.04 | noarch | openjdk-6 | < 6b32-1.13.4-1ubuntu1~0.10.04.1 | UNKNOWN |
ubuntu | 12.04 | noarch | openjdk-6 | < 6b32-1.13.4-1ubuntu1~0.12.04.1 | UNKNOWN |
ubuntu | 14.04 | noarch | openjdk-6 | < 6b32-1.13.4-4ubuntu0.14.04.1 | UNKNOWN |
ubuntu | 12.04 | noarch | openjdk-7 | < 7u65-2.5.1-4ubuntu1~0.12.04.1 | UNKNOWN |
ubuntu | 14.04 | noarch | openjdk-7 | < 7u65-2.5.1-1ubuntu1~0.14.04.1 | UNKNOWN |
hg.openjdk.java.net/jdk6/jdk6/hotspot/rev/dd7d490e72af
hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/02f12a9d5aec
www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
launchpad.net/bugs/cve/CVE-2014-2490
nvd.nist.gov/vuln/detail/CVE-2014-2490
security-tracker.debian.org/tracker/CVE-2014-2490
ubuntu.com/security/notices/USN-2312-1
ubuntu.com/security/notices/USN-2319-1
www.cve.org/CVERecord?id=CVE-2014-2490