Rapid7 Vulnerability & Exploit Database

USN-2089-1: OpenJDK 7 vulnerabilities

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

USN-2089-1: OpenJDK 7 vulnerabilities

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

01/15/2014

Created

07/25/2018

Added

04/08/2014

Modified

07/09/2020

Description

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to "insufficient security checks in IIOP streams," which allows attackers to escape the sandbox.

Solution(s)

ubuntu-upgrade-icedtea-7-jre-cacao
ubuntu-upgrade-icedtea-7-jre-jamvm
ubuntu-upgrade-openjdk-7-jre
ubuntu-upgrade-openjdk-7-jre-headless
ubuntu-upgrade-openjdk-7-jre-lib
ubuntu-upgrade-openjdk-7-jre-zero

References

https://attackerkb.com/topics/cve-2013-3829
APPLE-SA-2013-10-15-1
61310
63089
63101
63106
63112
63121
63122
63128
63133
63134
63135
63137
63142
63143
63146
63148
63150
63153
64758
64863
64894
64907
64910
64914
64918
64921
64922
64924
64926
64927
64930
64933
64935
64937
CVE - 2013-3829
CVE - 2013-4002
CVE - 2013-5772
CVE - 2013-5774
CVE - 2013-5778
CVE - 2013-5780
CVE - 2013-5782
CVE - 2013-5783
CVE - 2013-5784
CVE - 2013-5790
CVE - 2013-5797
CVE - 2013-5800
CVE - 2013-5802
CVE - 2013-5803
CVE - 2013-5804
CVE - 2013-5805
CVE - 2013-5806
CVE - 2013-5809
CVE - 2013-5814
CVE - 2013-5817
CVE - 2013-5820
CVE - 2013-5823
CVE - 2013-5825
CVE - 2013-5829
CVE - 2013-5830
CVE - 2013-5840
CVE - 2013-5842
CVE - 2013-5849
CVE - 2013-5850
CVE - 2013-5851
CVE - 2013-5878
CVE - 2013-5884
CVE - 2013-5893
CVE - 2013-5896
CVE - 2013-5907
CVE - 2013-5910
CVE - 2014-0368
CVE - 2014-0373
CVE - 2014-0376
CVE - 2014-0408
CVE - 2014-0411
CVE - 2014-0416
CVE - 2014-0422
CVE - 2014-0423
CVE - 2014-0428
Category I
V0040779
2013-A-0191
101995
101996
101997
101999
102000
102005
102015
102016
102017
102018
102021
102028
98532
98535
98558
98564
OVAL18436
OVAL18501
OVAL18504
OVAL18645
OVAL18733
OVAL18783
OVAL18874
OVAL18943
OVAL18956
OVAL18971
OVAL18990
OVAL19002
OVAL19020
OVAL19024
OVAL19032
OVAL19046
OVAL19049
OVAL19061
OVAL19088
OVAL19093
OVAL19096
OVAL19101
OVAL19150
OVAL19185
OVAL19188
OVAL19189
OVAL19206
OVAL19207
OVAL19219
RHSA-2013:1059
RHSA-2013:1060
RHSA-2013:1081
RHSA-2013:1440
RHSA-2013:1447
RHSA-2013:1451
RHSA-2013:1505
RHSA-2013:1507
RHSA-2013:1508
RHSA-2013:1509
RHSA-2013:1793
RHSA-2014:0026
RHSA-2014:0027
RHSA-2014:0030
RHSA-2014:0097
RHSA-2014:0134
RHSA-2014:0135
RHSA-2014:0136
RHSA-2014:1818
RHSA-2014:1821
RHSA-2014:1822
RHSA-2014:1823
RHSA-2015:0675
RHSA-2015:0720
RHSA-2015:0765
RHSA-2015:0773
USN-2089-1
85260
87997
88003
90340
90347
90348
90349
90350
90352
90357

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

USN-2089-1: OpenJDK 7 vulnerabilities

USN-2089-1: OpenJDK 7 vulnerabilities

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.