Vulnerability & Exploit Database

Back to search

USN-2089-1: OpenJDK 7 vulnerabilities

Severity CVSS Published Added Modified
10 (AV:N/AC:L/Au:N/C:C/I:C/A:C) January 14, 2014 April 07, 2014 July 03, 2017

Description

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

 Download now

References

Solution

ubuntu-upgrade-icedtea-7-jre-cacao

Related Vulnerabilities