Description

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality via vectors related to JAXP.

References

• BID-66918
• CVE-2014-2403
• DEBIAN-DSA-2912
• REDHAT-RHSA-2014:0413
• REDHAT-RHSA-2014:0414
• REDHAT-RHSA-2014:0675
• REDHAT-RHSA-2014:0685

Solution

Related Vulnerabilities

• RHSA-2014:0407: java-1.7.0-openjdk security update
• Java CPU April 2014 Java SE, Java SE Embedded JAXP vulnerability (CVE-2014-2403)
• ELSA-2014-0675 Critical: Oracle Linux java-1.7.0-openjdk security update
• Amazon Linux AMI: Security patch for java-1.6.0-openjdk (ALAS-2014-326) (multiple CVEs)
• RHSA-2014:0675: java-1.7.0-openjdk security update
• Amazon Linux AMI: Security patch for java-1.7.0-openjdk (ALAS-2014-327) (multiple CVEs)
• ELSA-2014-0408 Important: Oracle Linux java-1.6.0-openjdk security and bug fix update
• ELSA-2014-0685 Important: Oracle Linux java-1.6.0-openjdk security update
• RHSA-2014:0685: java-1.6.0-openjdk security update
• USN-2191-1: OpenJDK 6 vulnerabilities
• Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
• RHSA-2014:0412: java-1.7.0-oracle security update
• ELSA-2014-0406 Critical: Oracle Linux java-1.7.0-openjdk security update
• RHSA-2014:0413: java-1.7.0-oracle security update
• USN-2187-1: OpenJDK 7 vulnerabilities
• RHSA-2014:0408: java-1.6.0-openjdk security and bug fix update
• RHSA-2014:0414: java-1.6.0-sun security update
• SUSE: CVE-2014-2403: SUSE Linux Security Advisory
• DSA-2912-1 openjdk-6 -- security update
• RHSA-2014:0406: java-1.7.0-openjdk security update
• Gentoo Linux: CVE-2014-2403: Oracle JRE/JDK: Multiple vulnerabilities
• DSA-2923-1 openjdk-7 -- security update
• Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 6
• ELSA-2014-0407 Important: Oracle Linux java-1.7.0-openjdk security update