Vulnerability Details : CVE-2014-2398

Unspecified vulnerability in Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JavaFX 2.2.51; and JRockit R27.8.1 and R28.3.1 allows remote authenticated users to affect integrity via unknown vectors related to Javadoc.

Published 2014-04-16 01:55:10

Updated 2022-05-13 14:57:21

Source Oracle

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2014-2398

Probability of exploitation activity in the next 30 days: 0.15%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 51 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2014-2398

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
3.5	LOW	AV:N/AC:M/Au:S/C:N/I:P/A:N	6.8	2.9	[email protected]
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None

References for CVE-2014-2398

http://www-01.ibm.com/support/docview.wss?uid=swg21672080

Third Party Advisory

CVEs referencing this url
http://marc.info/?l=bugtraq&m=140852886808946&w=2

Issue Tracking;Mailing List;Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2014:0414

Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Vendor Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2187-1

Third Party Advisory

CVEs referencing this url
http://security.gentoo.org/glsa/glsa-201502-12.xml

Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2014/dsa-2912

Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/66920

Third Party Advisory;VDB Entry
http://marc.info/?l=bugtraq&m=140852974709252&w=2

Issue Tracking;Mailing List;Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2014-0675.html

Third Party Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2191-1

Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2014:0413

Third Party Advisory

CVEs referencing this url
http://www-01.ibm.com/support/docview.wss?uid=swg21676746

Broken Link

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2014-0685.html

Third Party Advisory

CVEs referencing this url
http://security.gentoo.org/glsa/glsa-201406-32.xml

Third Party Advisory

CVEs referencing this url

Products affected by CVE-2014-2398

IBM » Forms Viewer
Versions from including (>=) 8.0.0 and before (<) 8.0.1.1
cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows » Version: N/A
IBM » Forms Viewer
Versions from including (>=) 4.0.0 and before (<) 4.0.0.3
cpe:2.3:a:ibm:forms_viewer:*:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Windows » Version: N/A
Debian » Debian Linux » Version: 6.0
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 7.0
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
Matching versions
Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Oracle » Jrockit » Version: R28.3.1
cpe:2.3:a:oracle:jrockit:r28.3.1:*:*:*:*:*:*:*
Matching versions
Oracle » Jrockit » Version: R27.8.1
cpe:2.3:a:oracle:jrockit:r27.8.1:*:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.7.0 Update Update51
cpe:2.3:a:oracle:jdk:1.7.0:update51:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.8.0
cpe:2.3:a:oracle:jdk:1.8.0:-:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.6.0 Update Update71
cpe:2.3:a:oracle:jdk:1.6.0:update71:*:*:*:*:*:*
Matching versions
Oracle » JDK » Version: 1.5.0 Update Update61
cpe:2.3:a:oracle:jdk:1.5.0:update61:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.7.0 Update Update51
cpe:2.3:a:oracle:jre:1.7.0:update51:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.8.0
cpe:2.3:a:oracle:jre:1.8.0:-:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.6.0 Update Update71
cpe:2.3:a:oracle:jre:1.6.0:update71:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.5.0 Update Update61
cpe:2.3:a:oracle:jre:1.5.0:update61:*:*:*:*:*:*
Matching versions
Oracle » Javafx » Version: 2.2.51
cpe:2.3:a:oracle:javafx:2.2.51:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.10
cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 10.04
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 13.10
cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
Matching versions