CVE-2014-0368 Information
Description
Unspecified vulnerability in Oracle Java SE 5.0u55 6u65 and 7u45 and Java SE Embedded 7u45 allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket which allows attackers to escape the sandbox.
Reference
http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/e6160aedadd5 http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2014-02/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00024.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html http://marc.info/?l=bugtraq&m=139402697611681&w=2 http://marc.info/?l=bugtraq&m=139402749111889&w=2 http://rhn.redhat.com/errata/RHSA-2014-0026.html http://rhn.redhat.com/errata/RHSA-2014-0027.html http://rhn.redhat.com/errata/RHSA-2014-0030.html http://rhn.redhat.com/errata/RHSA-2014-0097.html http://rhn.redhat.com/errata/RHSA-2014-0134.html http://rhn.redhat.com/errata/RHSA-2014-0135.html http://rhn.redhat.com/errata/RHSA-2014-0136.html http://secunia.com/advisories/56432 http://secunia.com/advisories/56485 http://secunia.com/advisories/56486 http://secunia.com/advisories/56535 http://secunia.com/advisories/59235 http://secunia.com/advisories/59339 http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html http://www.securityfocus.com/bid/64758 http://www.securityfocus.com/bid/64930 http://www.securitytracker.com/id/1029608 http://www.ubuntu.com/usn/USN-2089-1 http://www.ubuntu.com/usn/USN-2124-1 http://www-01.ibm.com/support/docview.wss?uid=swg21676978 https://access.redhat.com/errata/RHSA-2014:0414 https://bugzilla.redhat.com/show_bug.cgi?id=1052919 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777
Share on: