Описание
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 6b30-1.13.1-1ubuntu1 |
| lucid | released | 6b30-1.13.1-1ubuntu2~0.10.04.1 |
| precise | released | 6b30-1.13.1-1ubuntu2~0.12.04.1 |
| quantal | released | 6b30-1.13.1-1ubuntu2~0.12.10.1 |
| raring | ignored | end of life, was deferred |
| saucy | released | 6b30-1.13.1-1ubuntu2~0.13.10.1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 7u51-2.4.4-1ubuntu1 |
| lucid | DNE | |
| precise | released | 7u51-2.4.4-0ubuntu0.12.04.2 |
| quantal | released | 7u51-2.4.4-0ubuntu0.12.10.2 |
| raring | released | 7u51-2.4.4-0ubuntu0.13.04.2 |
| saucy | released | 7u51-2.4.4-0ubuntu0.13.10.1 |
| upstream | released | 7u51-2.4.4-1 |
Показывать по
EPSS
10 Critical
CVSS2
Связанные уязвимости
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JR ...
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.
ELSA-2014-0097: java-1.6.0-openjdk security update (IMPORTANT)
EPSS
10 Critical
CVSS2