CVE
- Id
- 67825
- CVE No.
- CVE-2014-0416
- Status
- Candidate
- Description
- Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.
- Phase
- Assigned (20131212)
- Votes
- None (candidate not yet proposed)
- Comments
Related CVE References
Id | CVE Id | CVE No. | Reference | Actions |
---|---|---|---|---|
654937 | 67825 | CVE-2014-0416 | MISC:http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/abe1cb2d27cb | View |
654938 | 67825 | CVE-2014-0416 | CONFIRM:http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html | View |
654939 | 67825 | CVE-2014-0416 | CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1051912 | View |
654940 | 67825 | CVE-2014-0416 | CONFIRM:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777 | View |
654941 | 67825 | CVE-2014-0416 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21679287 | View |
654942 | 67825 | CVE-2014-0416 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21676978 | View |
654943 | 67825 | CVE-2014-0416 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21677294 | View |
654944 | 67825 | CVE-2014-0416 | CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21677388 | View |
654945 | 67825 | CVE-2014-0416 | HP:HPSBUX02972 | View |
654946 | 67825 | CVE-2014-0416 | URL:http://marc.info/?l=bugtraq&m=139402697611681&w=2 | View |
654947 | 67825 | CVE-2014-0416 | HP:HPSBUX02973 | View |
654948 | 67825 | CVE-2014-0416 | URL:http://marc.info/?l=bugtraq&m=139402749111889&w=2 | View |
654949 | 67825 | CVE-2014-0416 | HP:SSRT101454 | View |
654950 | 67825 | CVE-2014-0416 | URL:http://marc.info/?l=bugtraq&m=139402697611681&w=2 | View |
654951 | 67825 | CVE-2014-0416 | HP:SSRT101455 | View |
654952 | 67825 | CVE-2014-0416 | URL:http://marc.info/?l=bugtraq&m=139402749111889&w=2 | View |
654953 | 67825 | CVE-2014-0416 | REDHAT:RHSA-2014:0026 | View |
654954 | 67825 | CVE-2014-0416 | URL:http://rhn.redhat.com/errata/RHSA-2014-0026.html | View |
654955 | 67825 | CVE-2014-0416 | REDHAT:RHSA-2014:0027 | View |
654956 | 67825 | CVE-2014-0416 | URL:http://rhn.redhat.com/errata/RHSA-2014-0027.html | View |
654957 | 67825 | CVE-2014-0416 | REDHAT:RHSA-2014:0097 | View |
654958 | 67825 | CVE-2014-0416 | URL:http://rhn.redhat.com/errata/RHSA-2014-0097.html | View |
654959 | 67825 | CVE-2014-0416 | REDHAT:RHSA-2014:0136 | View |
654960 | 67825 | CVE-2014-0416 | URL:http://rhn.redhat.com/errata/RHSA-2014-0136.html | View |
654961 | 67825 | CVE-2014-0416 | REDHAT:RHSA-2014:0030 | View |
654962 | 67825 | CVE-2014-0416 | URL:http://rhn.redhat.com/errata/RHSA-2014-0030.html | View |
654963 | 67825 | CVE-2014-0416 | REDHAT:RHSA-2014:0134 | View |
654964 | 67825 | CVE-2014-0416 | URL:http://rhn.redhat.com/errata/RHSA-2014-0134.html | View |
654965 | 67825 | CVE-2014-0416 | REDHAT:RHSA-2014:0135 | View |
654966 | 67825 | CVE-2014-0416 | URL:http://rhn.redhat.com/errata/RHSA-2014-0135.html | View |
654967 | 67825 | CVE-2014-0416 | SUSE:openSUSE-SU-2014:0174 | View |
654968 | 67825 | CVE-2014-0416 | URL:http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html | View |
654969 | 67825 | CVE-2014-0416 | SUSE:SUSE-SU-2014:0246 | View |
654970 | 67825 | CVE-2014-0416 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html | View |
654971 | 67825 | CVE-2014-0416 | SUSE:SUSE-SU-2014:0266 | View |
654972 | 67825 | CVE-2014-0416 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html | View |
654973 | 67825 | CVE-2014-0416 | SUSE:openSUSE-SU-2014:0177 | View |
654974 | 67825 | CVE-2014-0416 | URL:http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html | View |
654975 | 67825 | CVE-2014-0416 | SUSE:openSUSE-SU-2014:0180 | View |
654976 | 67825 | CVE-2014-0416 | URL:http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html | View |
654977 | 67825 | CVE-2014-0416 | SUSE:SUSE-SU-2014:0451 | View |
654978 | 67825 | CVE-2014-0416 | URL:http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html | View |
654979 | 67825 | CVE-2014-0416 | UBUNTU:USN-2089-1 | View |
654980 | 67825 | CVE-2014-0416 | URL:http://www.ubuntu.com/usn/USN-2089-1 | View |
654981 | 67825 | CVE-2014-0416 | UBUNTU:USN-2124-1 | View |
654982 | 67825 | CVE-2014-0416 | URL:http://www.ubuntu.com/usn/USN-2124-1 | View |
654983 | 67825 | CVE-2014-0416 | BID:64758 | View |
654984 | 67825 | CVE-2014-0416 | URL:http://www.securityfocus.com/bid/64758 | View |
654985 | 67825 | CVE-2014-0416 | BID:64937 | View |
654986 | 67825 | CVE-2014-0416 | URL:http://www.securityfocus.com/bid/64937 | View |
654987 | 67825 | CVE-2014-0416 | OSVDB:102017 | View |
654988 | 67825 | CVE-2014-0416 | URL:http://osvdb.org/102017 | View |
654989 | 67825 | CVE-2014-0416 | SECTRACK:1029608 | View |
654990 | 67825 | CVE-2014-0416 | URL:http://www.securitytracker.com/id/1029608 | View |
654991 | 67825 | CVE-2014-0416 | SECUNIA:56432 | View |
654992 | 67825 | CVE-2014-0416 | URL:http://secunia.com/advisories/56432 | View |
654993 | 67825 | CVE-2014-0416 | SECUNIA:56485 | View |
654994 | 67825 | CVE-2014-0416 | URL:http://secunia.com/advisories/56485 | View |
654995 | 67825 | CVE-2014-0416 | SECUNIA:56486 | View |
654996 | 67825 | CVE-2014-0416 | URL:http://secunia.com/advisories/56486 | View |
654997 | 67825 | CVE-2014-0416 | SECUNIA:56535 | View |
654998 | 67825 | CVE-2014-0416 | URL:http://secunia.com/advisories/56535 | View |
654999 | 67825 | CVE-2014-0416 | SECUNIA:60568 | View |
655000 | 67825 | CVE-2014-0416 | URL:http://secunia.com/advisories/60568 | View |
655001 | 67825 | CVE-2014-0416 | SECUNIA:59235 | View |
655002 | 67825 | CVE-2014-0416 | URL:http://secunia.com/advisories/59235 | View |
655003 | 67825 | CVE-2014-0416 | SECUNIA:59283 | View |
655004 | 67825 | CVE-2014-0416 | URL:http://secunia.com/advisories/59283 | View |
655005 | 67825 | CVE-2014-0416 | SECUNIA:59307 | View |
655006 | 67825 | CVE-2014-0416 | URL:http://secunia.com/advisories/59307 | View |
655007 | 67825 | CVE-2014-0416 | SECUNIA:59339 | View |
655008 | 67825 | CVE-2014-0416 | URL:http://secunia.com/advisories/59339 | View |
655009 | 67825 | CVE-2014-0416 | XF:oracle-cpujan2014-cve20140416(90349) | View |
Related JVN
Id | JVN No. | Title | Summary | CVE No. | CVE Id | CVSS_v2 | CVSS_v3 | JVN URL | Actions |
---|---|---|---|---|---|---|---|---|---|
12298 | JVNDB-2014-001173 | Oracle Java SE における Deployment に関する脆弱性 | Oracle Java SE には、Deployment に関する処理に不備があるため、機密性、完全性、および可用性に影響のある脆弱性が存在します。 | CVE-2014-0424 | 67825 | 7.5 | http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001173.html | View |