Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2013-5893
Vulnerability from cvelistv5
Published
2014-01-15 01:33
Modified
2024-08-06 17:22
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T17:22:31.300Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "56432", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56432" }, { "name": "openSUSE-SU-2014:0174", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498" }, { "name": "56535", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56535" }, { "name": "USN-2089-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2089-1" }, { "name": "102000", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/102000" }, { "name": "RHSA-2014:0030", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html" }, { "name": "56485", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56485" }, { "name": "SSRT101454", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" }, { "name": "HPSBUX02972", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2" }, { "name": "RHSA-2014:0027", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html" }, { "name": "56486", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/56486" }, { "name": "1029608", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1029608" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "name": "64863", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/64863" }, { "name": "RHSA-2014:0026", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html" }, { "name": "64758", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/64758" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "name": "openSUSE-SU-2014:0180", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html" }, { "name": "openSUSE-SU-2014:0177", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2014-01-14T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2016-09-26T09:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "56432", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56432" }, { "name": "openSUSE-SU-2014:0174", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498" }, { "name": "56535", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56535" }, { "name": "USN-2089-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2089-1" }, { "name": "102000", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/102000" }, { "name": "RHSA-2014:0030", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html" }, { "name": "56485", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56485" }, { "name": "SSRT101454", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" }, { "name": "HPSBUX02972", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2" }, { "name": "RHSA-2014:0027", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html" }, { "name": "56486", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/56486" }, { "name": "1029608", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1029608" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "name": "64863", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/64863" }, { "name": "RHSA-2014:0026", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html" }, { "name": "64758", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/64758" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "name": "openSUSE-SU-2014:0180", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html" }, { "name": "openSUSE-SU-2014:0177", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2013-5893", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "56432", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56432" }, { "name": "openSUSE-SU-2014:0174", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html" }, { "name": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498", "refsource": "MISC", "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498" }, { "name": "56535", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56535" }, { "name": "USN-2089-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2089-1" }, { "name": "102000", "refsource": "OSVDB", "url": "http://osvdb.org/102000" }, { "name": "RHSA-2014:0030", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html" }, { "name": "56485", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56485" }, { "name": "SSRT101454", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" }, { "name": "HPSBUX02972", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2" }, { "name": "RHSA-2014:0027", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html" }, { "name": "56486", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56486" }, { "name": "1029608", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029608" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "name": "64863", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64863" }, { "name": "RHSA-2014:0026", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html" }, { "name": "64758", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64758" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "name": "openSUSE-SU-2014:0180", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html" }, { "name": "openSUSE-SU-2014:0177", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2013-5893", "datePublished": "2014-01-15T01:33:00", "dateReserved": "2013-09-18T00:00:00", "dateUpdated": "2024-08-06T17:22:31.300Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2013-5893\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2014-01-15T16:08:06.017\",\"lastModified\":\"2024-11-21T01:58:22.777\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en Oracle Java SE 7u45 y Java SE Embedded 7u45 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores relacionados con Libraries.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update45:*:*:*:*:*:*\",\"matchCriteriaId\":\"45B89CBB-BF1F-4887-BD28-6D6FB77AD18A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update45:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5226952-1972-4572-9F8C-C90D89040FD3\"}]}]}],\"references\":[{\"url\":\"http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://osvdb.org/102000\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0026.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0027.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0030.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/56432\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/56485\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/56486\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/56535\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/64758\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.securityfocus.com/bid/64863\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.securitytracker.com/id/1029608\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2089-1\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1051549\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://osvdb.org/102000\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0026.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2014-0030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/56432\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/56485\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/56486\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/56535\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/64758\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/64863\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1029608\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2089-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1051549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"Per: http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html\\n\\n\\\"Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets\\\"\"}}" } }
gsd-2013-5893
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2013-5893", "description": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.", "id": "GSD-2013-5893", "references": [ "https://www.suse.com/security/cve/CVE-2013-5893.html", "https://access.redhat.com/errata/RHSA-2014:0030", "https://access.redhat.com/errata/RHSA-2014:0027", "https://access.redhat.com/errata/RHSA-2014:0026", "https://advisories.mageia.org/CVE-2013-5893.html", "https://alas.aws.amazon.com/cve/html/CVE-2013-5893.html", "https://linux.oracle.com/cve/CVE-2013-5893.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2013-5893" ], "details": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.", "id": "GSD-2013-5893", "modified": "2023-12-13T01:22:22.185718Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2013-5893", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "56432", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56432" }, { "name": "openSUSE-SU-2014:0174", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html" }, { "name": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498", "refsource": "MISC", "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498" }, { "name": "56535", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56535" }, { "name": "USN-2089-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2089-1" }, { "name": "102000", "refsource": "OSVDB", "url": "http://osvdb.org/102000" }, { "name": "RHSA-2014:0030", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html" }, { "name": "56485", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56485" }, { "name": "SSRT101454", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" }, { "name": "HPSBUX02972", "refsource": "HP", "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2" }, { "name": "RHSA-2014:0027", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html" }, { "name": "56486", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56486" }, { "name": "1029608", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029608" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "name": "64863", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64863" }, { "name": "RHSA-2014:0026", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html" }, { "name": "64758", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64758" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "name": "openSUSE-SU-2014:0180", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html" }, { "name": "openSUSE-SU-2014:0177", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update45:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update45:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2013-5893" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "name": "64758", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/64758" }, { "name": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498", "refsource": "MISC", "tags": [], "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549", "refsource": "CONFIRM", "tags": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "name": "1029608", "refsource": "SECTRACK", "tags": [], "url": "http://www.securitytracker.com/id/1029608" }, { "name": "64863", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/64863" }, { "name": "102000", "refsource": "OSVDB", "tags": [], "url": "http://osvdb.org/102000" }, { "name": "56432", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/56432" }, { "name": "56485", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/56485" }, { "name": "56535", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/56535" }, { "name": "56486", "refsource": "SECUNIA", "tags": [], "url": "http://secunia.com/advisories/56486" }, { "name": "openSUSE-SU-2014:0177", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html" }, { "name": "openSUSE-SU-2014:0174", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html" }, { "name": "USN-2089-1", "refsource": "UBUNTU", "tags": [], "url": "http://www.ubuntu.com/usn/USN-2089-1" }, { "name": "RHSA-2014:0027", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html" }, { "name": "RHSA-2014:0026", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html" }, { "name": "openSUSE-SU-2014:0180", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html" }, { "name": "RHSA-2014:0030", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html" }, { "name": "SSRT101454", "refsource": "HP", "tags": [], "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777", "refsource": "CONFIRM", "tags": [], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false } }, "lastModifiedDate": "2022-05-13T14:57Z", "publishedDate": "2014-01-15T16:08Z" } } }
rhsa-2014_0027
Vulnerability from csaf_redhat
Published
2014-01-15 00:59
Modified
2024-12-01 11:58
Summary
Red Hat Security Advisory: java-1.7.0-openjdk security update
Notes
Topic
Updated java-1.7.0-openjdk packages that fix various security issues are
now available for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having
important security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
Details
These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.
An input validation flaw was discovered in the font layout engine in the 2D
component. A specially crafted font file could trigger Java Virtual Machine
memory corruption when processed. An untrusted Java application or applet
could possibly use this flaw to bypass Java sandbox restrictions.
(CVE-2013-5907)
Multiple improper permission check issues were discovered in the CORBA,
JNDI, and Libraries components in OpenJDK. An untrusted Java application or
applet could use these flaws to bypass Java sandbox restrictions.
(CVE-2014-0428, CVE-2014-0422, CVE-2013-5893)
Multiple improper permission check issues were discovered in the
Serviceability, Security, CORBA, JAAS, JAXP, and Networking components in
OpenJDK. An untrusted Java application or applet could use these flaws to
bypass certain Java sandbox restrictions. (CVE-2014-0373, CVE-2013-5878,
CVE-2013-5910, CVE-2013-5896, CVE-2013-5884, CVE-2014-0416, CVE-2014-0376,
CVE-2014-0368)
It was discovered that the Beans component did not restrict processing of
XML external entities. This flaw could cause a Java application using Beans
to leak sensitive information, or affect application availability.
(CVE-2014-0423)
It was discovered that the JSSE component could leak timing information
during the TLS/SSL handshake. This could possibly lead to disclosure of
information about the used encryption keys. (CVE-2014-0411)
All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.7.0-openjdk packages that fix various security issues are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "These packages provide the OpenJDK 7 Java Runtime Environment and the\nOpenJDK 7 Software Development Kit.\n\nAn input validation flaw was discovered in the font layout engine in the 2D\ncomponent. A specially crafted font file could trigger Java Virtual Machine\nmemory corruption when processed. An untrusted Java application or applet\ncould possibly use this flaw to bypass Java sandbox restrictions.\n(CVE-2013-5907)\n\nMultiple improper permission check issues were discovered in the CORBA,\nJNDI, and Libraries components in OpenJDK. An untrusted Java application or\napplet could use these flaws to bypass Java sandbox restrictions.\n(CVE-2014-0428, CVE-2014-0422, CVE-2013-5893)\n\nMultiple improper permission check issues were discovered in the\nServiceability, Security, CORBA, JAAS, JAXP, and Networking components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2014-0373, CVE-2013-5878,\nCVE-2013-5910, CVE-2013-5896, CVE-2013-5884, CVE-2014-0416, CVE-2014-0376,\nCVE-2014-0368)\n\nIt was discovered that the Beans component did not restrict processing of\nXML external entities. This flaw could cause a Java application using Beans\nto leak sensitive information, or affect application availability.\n(CVE-2014-0423)\n\nIt was discovered that the JSSE component could leak timing information\nduring the TLS/SSL handshake. This could possibly lead to disclosure of\ninformation about the used encryption keys. (CVE-2014-0411)\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2014:0027", "url": "https://access.redhat.com/errata/RHSA-2014:0027" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "category": "external", "summary": "1051519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051519" }, { "category": "external", "summary": "1051528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051528" }, { "category": "external", "summary": "1051549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "category": "external", "summary": "1051699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699" }, { "category": "external", "summary": "1051823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051823" }, { "category": "external", "summary": "1051911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051911" }, { "category": "external", "summary": "1051912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051912" }, { "category": "external", "summary": "1051923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923" }, { "category": "external", "summary": "1052915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915" }, { "category": "external", "summary": "1052919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052919" }, { "category": "external", "summary": "1052942", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052942" }, { "category": "external", "summary": "1053010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010" }, { "category": "external", "summary": "1053066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066" }, { "category": "external", "summary": "1053266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053266" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0027.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-openjdk security update", "tracking": { "current_release_date": "2024-12-01T11:58:39+00:00", "generator": { "date": "2024-12-01T11:58:39+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2014:0027", "initial_release_date": "2014-01-15T00:59:08+00:00", "revision_history": [ { "date": "2014-01-15T00:59:08+00:00", "number": "1", "summary": "Initial version" }, { "date": "2014-01-15T00:59:08+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-01T11:58:39+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux (v. 5 server)", "product": { "name": "Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:5::server" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "product": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_id": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-javadoc@1.7.0.51-2.4.4.1.el5_10?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "product": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_id": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-demo@1.7.0.51-2.4.4.1.el5_10?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_id": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.51-2.4.4.1.el5_10?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "product": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_id": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-src@1.7.0.51-2.4.4.1.el5_10?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "product": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_id": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-debuginfo@1.7.0.51-2.4.4.1.el5_10?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "product": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_id": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-devel@1.7.0.51-2.4.4.1.el5_10?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_id": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-javadoc@1.7.0.51-2.4.4.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_id": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-demo@1.7.0.51-2.4.4.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_id": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.51-2.4.4.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_id": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-src@1.7.0.51-2.4.4.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_id": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-debuginfo@1.7.0.51-2.4.4.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_id": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-devel@1.7.0.51-2.4.4.1.el5_10?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "product_id": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.51-2.4.4.1.el5_10?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)", "product_id": "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Client-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "relates_to_product_reference": "5Server-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)", "product_id": "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "relates_to_product_reference": "5Server-5.10.Z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Arun Babu Neelicattu" ], "organization": "Red Hat Security Response Team", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2013-4578", "discovery_date": "2013-11-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1031471" } ], "notes": [ { "category": "description", "text": "jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4578" }, { "category": "external", "summary": "RHBZ#1031471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031471" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4578", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4578" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4578", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4578" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars" }, { "cve": "CVE-2013-5878", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051823" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: null xmlns handling issue (Security, 8025026)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5878" }, { "category": "external", "summary": "RHBZ#1051823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5878", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5878" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5878", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5878" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: null xmlns handling issue (Security, 8025026)" }, { "cve": "CVE-2013-5884", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051911" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an incorrect check for code permissions by CORBA stub factories.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5884" }, { "category": "external", "summary": "RHBZ#1051911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5884", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5884" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5884", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5884" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)" }, { "cve": "CVE-2013-5893", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051549" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JVM method processing issues (Libraries, 8029507)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5893" }, { "category": "external", "summary": "RHBZ#1051549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5893", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5893" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5893", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5893" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: JVM method processing issues (Libraries, 8029507)" }, { "cve": "CVE-2013-5896", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053266" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5896" }, { "category": "external", "summary": "RHBZ#1053266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053266" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5896", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5896" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5896", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5896" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" }, { "category": "workaround", "details": "Applications running with a security manager that make direct use of classes\nin these JDK internal packages, need to adjust their security policy to\ngrant access. See Java Security Policy Files documentation.", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)" }, { "cve": "CVE-2013-5907", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052915" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5907" }, { "category": "external", "summary": "RHBZ#1052915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5907", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5907" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5907", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5907" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)" }, { "cve": "CVE-2013-5910", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052942" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5910" }, { "category": "external", "summary": "RHBZ#1052942", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052942" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5910", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5910" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5910", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5910" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)" }, { "cve": "CVE-2014-0368", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052919" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0368" }, { "category": "external", "summary": "RHBZ#1052919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052919" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0368", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0368" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0368", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0368" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)" }, { "cve": "CVE-2014-0373", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051699" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0373" }, { "category": "external", "summary": "RHBZ#1051699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0373", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0373" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0373", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0373" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)" }, { "cve": "CVE-2014-0376", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051923" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for \"code permissions when creating document builder factories.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0376" }, { "category": "external", "summary": "RHBZ#1051923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0376", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0376" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0376", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0376" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)" }, { "cve": "CVE-2014-0411", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053010" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0411" }, { "category": "external", "summary": "RHBZ#1053010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0411", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0411" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0411", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0411" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)" }, { "cve": "CVE-2014-0416", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051912" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insecure subject principals set handling (JAAS, 8024306)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0416" }, { "category": "external", "summary": "RHBZ#1051912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051912" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0416", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0416" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0416", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0416" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insecure subject principals set handling (JAAS, 8024306)" }, { "cve": "CVE-2014-0422", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051528" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0422" }, { "category": "external", "summary": "RHBZ#1051528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051528" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0422", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0422" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0422", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0422" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)" }, { "cve": "CVE-2014-0423", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053066" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XXE issue in decoder (Beans, 8023245)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0423" }, { "category": "external", "summary": "RHBZ#1053066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0423", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0423" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0423", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0423" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: XXE issue in decoder (Beans, 8023245)" }, { "cve": "CVE-2014-0428", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051519" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to \"insufficient security checks in IIOP streams,\" which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0428" }, { "category": "external", "summary": "RHBZ#1051519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051519" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0428", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0428" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:08+00:00", "details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0027" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Client-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Client-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.src", "5Server-5.10.Z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el5_10.x86_64", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.i386", "5Server-5.10.Z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el5_10.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)" } ] }
rhsa-2014_0026
Vulnerability from csaf_redhat
Published
2014-01-15 00:59
Modified
2024-12-01 11:58
Summary
Red Hat Security Advisory: java-1.7.0-openjdk security update
Notes
Topic
Updated java-1.7.0-openjdk packages that fix various security issues are
now available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
These packages provide the OpenJDK 7 Java Runtime Environment and the
OpenJDK 7 Software Development Kit.
An input validation flaw was discovered in the font layout engine in the 2D
component. A specially crafted font file could trigger Java Virtual Machine
memory corruption when processed. An untrusted Java application or applet
could possibly use this flaw to bypass Java sandbox restrictions.
(CVE-2013-5907)
Multiple improper permission check issues were discovered in the CORBA,
JNDI, and Libraries components in OpenJDK. An untrusted Java application or
applet could use these flaws to bypass Java sandbox restrictions.
(CVE-2014-0428, CVE-2014-0422, CVE-2013-5893)
Multiple improper permission check issues were discovered in the
Serviceability, Security, CORBA, JAAS, JAXP, and Networking components in
OpenJDK. An untrusted Java application or applet could use these flaws to
bypass certain Java sandbox restrictions. (CVE-2014-0373, CVE-2013-5878,
CVE-2013-5910, CVE-2013-5896, CVE-2013-5884, CVE-2014-0416, CVE-2014-0376,
CVE-2014-0368)
It was discovered that the Beans component did not restrict processing of
XML external entities. This flaw could cause a Java application using Beans
to leak sensitive information, or affect application availability.
(CVE-2014-0423)
It was discovered that the JSSE component could leak timing information
during the TLS/SSL handshake. This could possibly lead to disclosure of
information about the used encryption keys. (CVE-2014-0411)
Note: The java-1.7.0-openjdk package shipped with Red Hat Enterprise Linux
6.5 via RHBA-2013:1611 replaced "java7" with "java" in the provides list.
This update re-adds "java7" to the provides list to maintain backwards
compatibility with releases prior to Red Hat Enterprise Linux 6.5.
Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website.
All users of java-1.7.0-openjdk are advised to upgrade to these updated
packages, which resolve these issues. All running instances of OpenJDK Java
must be restarted for the update to take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.7.0-openjdk packages that fix various security issues are\nnow available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "These packages provide the OpenJDK 7 Java Runtime Environment and the\nOpenJDK 7 Software Development Kit.\n\nAn input validation flaw was discovered in the font layout engine in the 2D\ncomponent. A specially crafted font file could trigger Java Virtual Machine\nmemory corruption when processed. An untrusted Java application or applet\ncould possibly use this flaw to bypass Java sandbox restrictions.\n(CVE-2013-5907)\n\nMultiple improper permission check issues were discovered in the CORBA,\nJNDI, and Libraries components in OpenJDK. An untrusted Java application or\napplet could use these flaws to bypass Java sandbox restrictions.\n(CVE-2014-0428, CVE-2014-0422, CVE-2013-5893)\n\nMultiple improper permission check issues were discovered in the\nServiceability, Security, CORBA, JAAS, JAXP, and Networking components in\nOpenJDK. An untrusted Java application or applet could use these flaws to\nbypass certain Java sandbox restrictions. (CVE-2014-0373, CVE-2013-5878,\nCVE-2013-5910, CVE-2013-5896, CVE-2013-5884, CVE-2014-0416, CVE-2014-0376,\nCVE-2014-0368)\n\nIt was discovered that the Beans component did not restrict processing of\nXML external entities. This flaw could cause a Java application using Beans\nto leak sensitive information, or affect application availability.\n(CVE-2014-0423)\n\nIt was discovered that the JSSE component could leak timing information\nduring the TLS/SSL handshake. This could possibly lead to disclosure of\ninformation about the used encryption keys. (CVE-2014-0411)\n\nNote: The java-1.7.0-openjdk package shipped with Red Hat Enterprise Linux\n6.5 via RHBA-2013:1611 replaced \"java7\" with \"java\" in the provides list.\nThis update re-adds \"java7\" to the provides list to maintain backwards\ncompatibility with releases prior to Red Hat Enterprise Linux 6.5.\n\nNote: If the web browser plug-in provided by the icedtea-web package was\ninstalled, the issues exposed via Java applets could have been exploited\nwithout user interaction if a user visited a malicious website.\n\nAll users of java-1.7.0-openjdk are advised to upgrade to these updated\npackages, which resolve these issues. All running instances of OpenJDK Java\nmust be restarted for the update to take effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2014:0026", "url": "https://access.redhat.com/errata/RHSA-2014:0026" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "category": "external", "summary": "1051519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051519" }, { "category": "external", "summary": "1051528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051528" }, { "category": "external", "summary": "1051549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "category": "external", "summary": "1051699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699" }, { "category": "external", "summary": "1051823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051823" }, { "category": "external", "summary": "1051911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051911" }, { "category": "external", "summary": "1051912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051912" }, { "category": "external", "summary": "1051923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923" }, { "category": "external", "summary": "1052915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915" }, { "category": "external", "summary": "1052919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052919" }, { "category": "external", "summary": "1052942", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052942" }, { "category": "external", "summary": "1053010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010" }, { "category": "external", "summary": "1053066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066" }, { "category": "external", "summary": "1053266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053266" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0026.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-openjdk security update", "tracking": { "current_release_date": "2024-12-01T11:58:33+00:00", "generator": { "date": "2024-12-01T11:58:33+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2014:0026", "initial_release_date": "2014-01-15T00:59:20+00:00", "revision_history": [ { "date": "2014-01-15T00:59:20+00:00", "number": "1", "summary": "Initial version" }, { "date": "2014-01-15T00:59:20+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-01T11:58:33+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "product": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "product_id": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-demo@1.7.0.51-2.4.4.1.el6_5?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "product": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "product_id": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-devel@1.7.0.51-2.4.4.1.el6_5?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "product": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "product_id": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-debuginfo@1.7.0.51-2.4.4.1.el6_5?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "product": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "product_id": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-src@1.7.0.51-2.4.4.1.el6_5?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "product_id": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.51-2.4.4.1.el6_5?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product_id": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-demo@1.7.0.51-2.4.4.1.el6_5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product_id": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-devel@1.7.0.51-2.4.4.1.el6_5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product_id": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-debuginfo@1.7.0.51-2.4.4.1.el6_5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product_id": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-src@1.7.0.51-2.4.4.1.el6_5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product_id": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.51-2.4.4.1.el6_5?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "product": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "product_id": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk-javadoc@1.7.0.51-2.4.4.1.el6_5?arch=noarch\u0026epoch=1" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "product": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "product_id": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-openjdk@1.7.0.51-2.4.4.1.el6_5?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)", "product_id": "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Client-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)", "product_id": "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Client-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)", "product_id": "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)", "product_id": "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)", "product_id": "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Server-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)", "product_id": "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Server-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)", "product_id": "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch" }, "product_reference": "java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "relates_to_product_reference": "6Workstation-optional-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)", "product_id": "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-optional-6.5.z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Arun Babu Neelicattu" ], "organization": "Red Hat Security Response Team", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2013-4578", "discovery_date": "2013-11-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1031471" } ], "notes": [ { "category": "description", "text": "jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4578" }, { "category": "external", "summary": "RHBZ#1031471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031471" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4578", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4578" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4578", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4578" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars" }, { "cve": "CVE-2013-5878", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051823" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: null xmlns handling issue (Security, 8025026)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5878" }, { "category": "external", "summary": "RHBZ#1051823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5878", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5878" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5878", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5878" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: null xmlns handling issue (Security, 8025026)" }, { "cve": "CVE-2013-5884", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051911" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an incorrect check for code permissions by CORBA stub factories.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5884" }, { "category": "external", "summary": "RHBZ#1051911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5884", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5884" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5884", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5884" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)" }, { "cve": "CVE-2013-5893", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051549" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JVM method processing issues (Libraries, 8029507)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5893" }, { "category": "external", "summary": "RHBZ#1051549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5893", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5893" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5893", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5893" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: JVM method processing issues (Libraries, 8029507)" }, { "cve": "CVE-2013-5896", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053266" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5896" }, { "category": "external", "summary": "RHBZ#1053266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053266" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5896", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5896" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5896", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5896" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" }, { "category": "workaround", "details": "Applications running with a security manager that make direct use of classes\nin these JDK internal packages, need to adjust their security policy to\ngrant access. See Java Security Policy Files documentation.", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)" }, { "cve": "CVE-2013-5907", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052915" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5907" }, { "category": "external", "summary": "RHBZ#1052915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5907", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5907" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5907", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5907" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)" }, { "cve": "CVE-2013-5910", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052942" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5910" }, { "category": "external", "summary": "RHBZ#1052942", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052942" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5910", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5910" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5910", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5910" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)" }, { "cve": "CVE-2014-0368", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052919" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0368" }, { "category": "external", "summary": "RHBZ#1052919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052919" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0368", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0368" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0368", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0368" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)" }, { "cve": "CVE-2014-0373", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051699" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0373" }, { "category": "external", "summary": "RHBZ#1051699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0373", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0373" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0373", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0373" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)" }, { "cve": "CVE-2014-0376", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051923" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for \"code permissions when creating document builder factories.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0376" }, { "category": "external", "summary": "RHBZ#1051923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0376", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0376" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0376", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0376" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)" }, { "cve": "CVE-2014-0411", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053010" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0411" }, { "category": "external", "summary": "RHBZ#1053010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0411", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0411" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0411", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0411" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)" }, { "cve": "CVE-2014-0416", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051912" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insecure subject principals set handling (JAAS, 8024306)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0416" }, { "category": "external", "summary": "RHBZ#1051912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051912" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0416", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0416" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0416", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0416" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insecure subject principals set handling (JAAS, 8024306)" }, { "cve": "CVE-2014-0422", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051528" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0422" }, { "category": "external", "summary": "RHBZ#1051528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051528" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0422", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0422" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0422", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0422" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)" }, { "cve": "CVE-2014-0423", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053066" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XXE issue in decoder (Beans, 8023245)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0423" }, { "category": "external", "summary": "RHBZ#1053066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0423", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0423" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0423", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0423" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: XXE issue in decoder (Beans, 8023245)" }, { "cve": "CVE-2014-0428", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051519" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to \"insufficient security checks in IIOP streams,\" which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0428" }, { "category": "external", "summary": "RHBZ#1051519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051519" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0428", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0428" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T00:59:20+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to use the\nRed Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0026" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Client-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Client-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Client-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6ComputeNode-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Server-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Server-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Server-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.src", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-debuginfo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-demo-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-devel-1:1.7.0.51-2.4.4.1.el6_5.x86_64", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-javadoc-1:1.7.0.51-2.4.4.1.el6_5.noarch", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.i686", "6Workstation-optional-6.5.z:java-1.7.0-openjdk-src-1:1.7.0.51-2.4.4.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)" } ] }
rhsa-2014_0030
Vulnerability from csaf_redhat
Published
2014-01-15 19:17
Modified
2024-12-01 11:58
Summary
Red Hat Security Advisory: java-1.7.0-oracle security update
Notes
Topic
Updated java-1.7.0-oracle packages that fix several security issues are now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.
The Red Hat Security Response Team has rated this update as having critical
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.
Details
Oracle Java SE version 7 includes the Oracle Java Runtime Environment and
the Oracle Java Software Development Kit.
This update fixes several vulnerabilities in the Oracle Java Runtime
Environment and the Oracle Java Software Development Kit. Further
information about these flaws can be found on the Oracle Java SE Critical
Patch Update Advisory page, listed in the References section.
(CVE-2013-5870, CVE-2013-5878, CVE-2013-5884, CVE-2013-5887, CVE-2013-5888,
CVE-2013-5889, CVE-2013-5893, CVE-2013-5895, CVE-2013-5896, CVE-2013-5898,
CVE-2013-5899, CVE-2013-5902, CVE-2013-5904, CVE-2013-5905, CVE-2013-5906,
CVE-2013-5907, CVE-2013-5910, CVE-2014-0368, CVE-2014-0373, CVE-2014-0375,
CVE-2014-0376, CVE-2014-0382, CVE-2014-0387, CVE-2014-0403, CVE-2014-0410,
CVE-2014-0411, CVE-2014-0415, CVE-2014-0416, CVE-2014-0417, CVE-2014-0418,
CVE-2014-0422, CVE-2014-0423, CVE-2014-0424, CVE-2014-0428)
All users of java-1.7.0-oracle are advised to upgrade to these updated
packages, which provide Oracle Java 7 Update 51 and resolve these issues.
All running instances of Oracle Java must be restarted for the update to
take effect.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Critical" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated java-1.7.0-oracle packages that fix several security issues are now\navailable for Red Hat Enterprise Linux 5 and 6 Supplementary.\n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. Common Vulnerability Scoring System (CVSS) base scores,\nwhich give detailed severity ratings, are available for each vulnerability\nfrom the CVE links in the References section.", "title": "Topic" }, { "category": "general", "text": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and\nthe Oracle Java Software Development Kit.\n\nThis update fixes several vulnerabilities in the Oracle Java Runtime\nEnvironment and the Oracle Java Software Development Kit. Further\ninformation about these flaws can be found on the Oracle Java SE Critical\nPatch Update Advisory page, listed in the References section.\n(CVE-2013-5870, CVE-2013-5878, CVE-2013-5884, CVE-2013-5887, CVE-2013-5888,\nCVE-2013-5889, CVE-2013-5893, CVE-2013-5895, CVE-2013-5896, CVE-2013-5898,\nCVE-2013-5899, CVE-2013-5902, CVE-2013-5904, CVE-2013-5905, CVE-2013-5906,\nCVE-2013-5907, CVE-2013-5910, CVE-2014-0368, CVE-2014-0373, CVE-2014-0375,\nCVE-2014-0376, CVE-2014-0382, CVE-2014-0387, CVE-2014-0403, CVE-2014-0410,\nCVE-2014-0411, CVE-2014-0415, CVE-2014-0416, CVE-2014-0417, CVE-2014-0418,\nCVE-2014-0422, CVE-2014-0423, CVE-2014-0424, CVE-2014-0428)\n\nAll users of java-1.7.0-oracle are advised to upgrade to these updated\npackages, which provide Oracle Java 7 Update 51 and resolve these issues.\nAll running instances of Oracle Java must be restarted for the update to\ntake effect.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2014:0030", "url": "https://access.redhat.com/errata/RHSA-2014:0030" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#critical", "url": "https://access.redhat.com/security/updates/classification/#critical" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "category": "external", "summary": "1051519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051519" }, { "category": "external", "summary": "1051528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051528" }, { "category": "external", "summary": "1051549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "category": "external", "summary": "1051699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699" }, { "category": "external", "summary": "1051823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051823" }, { "category": "external", "summary": "1051911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051911" }, { "category": "external", "summary": "1051912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051912" }, { "category": "external", "summary": "1051923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923" }, { "category": "external", "summary": "1052915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915" }, { "category": "external", "summary": "1052919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052919" }, { "category": "external", "summary": "1052942", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052942" }, { "category": "external", "summary": "1053010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010" }, { "category": "external", "summary": "1053066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066" }, { "category": "external", "summary": "1053266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053266" }, { "category": "external", "summary": "1053495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053495" }, { "category": "external", "summary": "1053496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053496" }, { "category": "external", "summary": "1053499", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053499" }, { "category": "external", "summary": "1053501", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053501" }, { "category": "external", "summary": "1053502", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053502" }, { "category": "external", "summary": "1053504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053504" }, { "category": "external", "summary": "1053506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053506" }, { "category": "external", "summary": "1053507", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053507" }, { "category": "external", "summary": "1053508", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053508" }, { "category": "external", "summary": "1053509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053509" }, { "category": "external", "summary": "1053510", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053510" }, { "category": "external", "summary": "1053512", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053512" }, { "category": "external", "summary": "1053513", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053513" }, { "category": "external", "summary": "1053515", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053515" }, { "category": "external", "summary": "1053516", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053516" }, { "category": "external", "summary": "1053517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053517" }, { "category": "external", "summary": "1053518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053518" }, { "category": "external", "summary": "1053540", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053540" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_0030.json" } ], "title": "Red Hat Security Advisory: java-1.7.0-oracle security update", "tracking": { "current_release_date": "2024-12-01T11:58:49+00:00", "generator": { "date": "2024-12-01T11:58:49+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2014:0030", "initial_release_date": "2014-01-15T19:17:27+00:00", "revision_history": [ { "date": "2014-01-15T19:17:27+00:00", "number": "1", "summary": "Initial version" }, { "date": "2014-01-15T19:17:27+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-01T11:58:49+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::client" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:5::server" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } }, { "category": "product_name", "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product": { "name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z", "product_identification_helper": { "cpe": "cpe:/a:redhat:rhel_extras:6" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux Supplementary" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.51-1jpp.1.el5_10?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.51-1jpp.1.el5_10?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.51-1jpp.1.el5_10?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.51-1jpp.1.el5_10?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "product": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "product_id": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.51-1jpp.1.el5_10?arch=i386\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "product_id": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.51-1jpp.1.el5_10?arch=i386\u0026epoch=1" } } } ], "category": "architecture", "name": "i386" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.51-1jpp.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.51-1jpp.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.51-1jpp.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.51-1jpp.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_id": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.51-1jpp.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_id": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.51-1jpp.1.el5_10?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.51-1jpp.1.el6_5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.51-1jpp.1.el6_5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.51-1jpp.1.el6_5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.51-1jpp.1.el6_5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_id": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.51-1jpp.1.el6_5?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_id": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.51-1jpp.1.el6_5?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "product": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "product_id": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.51-1jpp.1.el6_5?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "product": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.51-1jpp.1.el6_5?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "product": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "product_id": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.51-1jpp.1.el6_5?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "product": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "product_id": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.51-1jpp.1.el6_5?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "product": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "product_id": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.51-1jpp.1.el6_5?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "product": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "product_id": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.51-1jpp.1.el6_5?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 5)", "product_id": "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Client-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 5)", "product_id": "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "relates_to_product_reference": "5Server-Supplementary-5.10.Z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)", "product_id": "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Client-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)", "product_id": "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6ComputeNode-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)", "product_id": "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Server-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" }, { "category": "default_component_of", "full_product_name": { "name": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)", "product_id": "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" }, "product_reference": "java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "relates_to_product_reference": "6Workstation-Supplementary-6.5.z" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "Arun Babu Neelicattu" ], "organization": "Red Hat Security Response Team", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2013-4578", "discovery_date": "2013-11-13T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1031471" } ], "notes": [ { "category": "description", "text": "jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-4578" }, { "category": "external", "summary": "RHBZ#1031471", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1031471" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-4578", "url": "https://www.cve.org/CVERecord?id=CVE-2013-4578" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4578", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4578" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "OpenJDK: jarsigner does not detect unsigned bytecode injected into signed jars" }, { "cve": "CVE-2013-5870", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053540" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5870" }, { "category": "external", "summary": "RHBZ#1053540", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053540" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5870", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5870" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5870", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5870" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)" }, { "cve": "CVE-2013-5878", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051823" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the Security component does not properly handle null XML namespace (xmlns) attributes during XML document canonicalization, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: null xmlns handling issue (Security, 8025026)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5878" }, { "category": "external", "summary": "RHBZ#1051823", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051823" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5878", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5878" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5878", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5878" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: null xmlns handling issue (Security, 8025026)" }, { "cve": "CVE-2013-5884", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051911" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an incorrect check for code permissions by CORBA stub factories.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5884" }, { "category": "external", "summary": "RHBZ#1051911", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051911" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5884", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5884" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5884", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5884" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient security checks in CORBA stub factories (CORBA, 8026193)" }, { "cve": "CVE-2013-5887", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053515" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5887" }, { "category": "external", "summary": "RHBZ#1053515", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053515" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5887", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5887" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5887", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5887" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5888", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053517" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, when running with GNOME, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5888" }, { "category": "external", "summary": "RHBZ#1053517", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053517" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5888", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5888" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5888", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5888" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5889", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053499" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5889" }, { "category": "external", "summary": "RHBZ#1053499", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053499" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5889", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5889" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5889", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5889" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5893", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051549" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: JVM method processing issues (Libraries, 8029507)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5893" }, { "category": "external", "summary": "RHBZ#1051549", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5893", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5893" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5893", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5893" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: JVM method processing issues (Libraries, 8029507)" }, { "cve": "CVE-2013-5895", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053540" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect confidentiality via unknown vectors related to JavaFX.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5895" }, { "category": "external", "summary": "RHBZ#1053540", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053540" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5895", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5895" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5895", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5895" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)" }, { "cve": "CVE-2013-5896", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053266" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that com.sun.corba.se and its sub-packages are not included on the restricted package list.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5896" }, { "category": "external", "summary": "RHBZ#1053266", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053266" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5896", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5896" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5896", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5896" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" }, { "category": "workaround", "details": "Applications running with a security manager that make direct use of classes\nin these JDK internal packages, need to adjust their security policy to\ngrant access. See Java Security Policy Files documentation.", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: com.sun.corba.se. should be restricted package (CORBA, 8025022)" }, { "cve": "CVE-2013-5898", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053518" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2014-0375 and CVE-2014-0403.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5898" }, { "category": "external", "summary": "RHBZ#1053518", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053518" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5898", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5898" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5898", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5898" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5899", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053516" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5899" }, { "category": "external", "summary": "RHBZ#1053516", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053516" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5899", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5899" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5899", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5899" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5902", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053512" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2014-0410, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5902" }, { "category": "external", "summary": "RHBZ#1053512", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053512" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5902", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5902" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5902", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5902" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2013-5904", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053506" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5904" }, { "category": "external", "summary": "RHBZ#1053506", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053506" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5904", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5904" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5904", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5904" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 7u51 (Deployment)" }, { "cve": "CVE-2013-5905", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053509" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5906.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (Install)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5905" }, { "category": "external", "summary": "RHBZ#1053509", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053509" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5905", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5905" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5905", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5905" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (Install)" }, { "cve": "CVE-2013-5906", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053510" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install, a different vulnerability than CVE-2013-5905.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (Install)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5906" }, { "category": "external", "summary": "RHBZ#1053510", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053510" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5906", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5906" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5906", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5906" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (Install)" }, { "cve": "CVE-2013-5907", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052915" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is due to incorrect input validation in LookupProcessor.cpp in the ICU Layout Engine, which allows attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted font file.", "title": "Vulnerability description" }, { "category": "summary", "text": "ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5907" }, { "category": "external", "summary": "RHBZ#1052915", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052915" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5907", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5907" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5907", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5907" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "ICU: Layout Engine LookupProcessor insufficient input checks (JDK 2D, 8025034)" }, { "cve": "CVE-2013-5910", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052942" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that CanonicalizerBase.java in the XML canonicalizer allows untrusted code to access mutable byte arrays.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2013-5910" }, { "category": "external", "summary": "RHBZ#1052942", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052942" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2013-5910", "url": "https://www.cve.org/CVERecord?id=CVE-2013-5910" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-5910", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5910" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)" }, { "cve": "CVE-2014-0368", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1052919" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0368" }, { "category": "external", "summary": "RHBZ#1052919", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1052919" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0368", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0368" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0368", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0368" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insufficient Socket checkListen checks (Networking, 8011786)" }, { "cve": "CVE-2014-0373", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051699" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serviceability. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to throwing of an incorrect exception when SnmpStatusException should have been used in the SNMP implementation, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0373" }, { "category": "external", "summary": "RHBZ#1051699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051699" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0373", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0373" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0373", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0373" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "OpenJDK: SnmpStatusException handling issues (Serviceability, 7068126)" }, { "cve": "CVE-2014-0375", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053508" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0403.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0375" }, { "category": "external", "summary": "RHBZ#1053508", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053508" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0375", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0375" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0375", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0375" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0376", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051923" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAXP. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to an improper check for \"code permissions when creating document builder factories.\"", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0376" }, { "category": "external", "summary": "RHBZ#1051923", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051923" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0376", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0376" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0376", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0376" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: document builder missing security checks (JAXP, 8027201, 8025018)" }, { "cve": "CVE-2014-0382", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053540" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 7u45 and JavaFX 2.2.45 allows remote attackers to affect availability via unknown vectors related to JavaFX.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0382" }, { "category": "external", "summary": "RHBZ#1053540", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053540" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0382", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0382" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0382", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0382" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: multiple unspecified vulnerabilities fixed in 7u51 (JavaFX)" }, { "cve": "CVE-2014-0387", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053502" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and Java SE 7u45, when running on Firefox, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0387" }, { "category": "external", "summary": "RHBZ#1053502", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053502" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0387", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0387" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0387", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0387" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0403", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053507" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5898 and CVE-2014-0375.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0403" }, { "category": "external", "summary": "RHBZ#1053507", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053507" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0403", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0403" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0403", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0403" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0410", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053495" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0415, CVE-2014-0418, and CVE-2014-0424.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0410" }, { "category": "external", "summary": "RHBZ#1053495", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053495" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0410", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0410" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0410", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0410" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0411", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053010" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information about encryption keys via a timing discrepancy during the TLS/SSL handshake.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0411" }, { "category": "external", "summary": "RHBZ#1053010", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053010" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0411", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0411" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0411", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0411" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: TLS/SSL handshake timing issues (JSSE, 8023069)" }, { "cve": "CVE-2014-0415", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053496" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0418, and CVE-2014-0424.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0415" }, { "category": "external", "summary": "RHBZ#1053496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053496" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0415", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0415" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0415", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0415" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0416", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051912" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insecure subject principals set handling (JAAS, 8024306)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0416" }, { "category": "external", "summary": "RHBZ#1051912", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051912" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0416", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0416" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0416", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0416" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: insecure subject principals set handling (JAAS, 8024306)" }, { "cve": "CVE-2014-0417", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053501" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JavaFX 2.2.45; and Java SE Embedded 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (2D)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0417" }, { "category": "external", "summary": "RHBZ#1053501", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053501" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0417", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0417" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0417", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0417" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "JDK: unspecified vulnerability fixed in 5.0u71, 6u71 and 7u51 (2D)" }, { "cve": "CVE-2014-0418", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053513" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0424.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0418" }, { "category": "external", "summary": "RHBZ#1053513", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053513" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0418", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0418" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0418", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0418" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0422", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051528" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JNDI. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to missing package access checks in the Naming / JNDI component, which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0422" }, { "category": "external", "summary": "RHBZ#1051528", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051528" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0422", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0422" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0422", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0422" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient package access checks in the Naming component (JNDI, 8025758)" }, { "cve": "CVE-2014-0423", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053066" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; JRockit R27.7.7 and R28.2.9; Java SE Embedded 7u45; and OpenJDK 7 allows remote authenticated users to affect confidentiality and availability via unknown vectors related to Beans. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that this issue is an XML External Entity (XXE) vulnerability in DocumentHandler.java, related to Beans decoding.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: XXE issue in decoder (Beans, 8023245)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0423" }, { "category": "external", "summary": "RHBZ#1053066", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053066" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0423", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0423" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0423", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0423" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "OpenJDK: XXE issue in decoder (Beans, 8023245)" }, { "cve": "CVE-2014-0424", "discovery_date": "2014-01-14T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1053504" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 6u65 and 7u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment, a different vulnerability than CVE-2013-5889, CVE-2013-5902, CVE-2014-0410, CVE-2014-0415, and CVE-2014-0418.", "title": "Vulnerability description" }, { "category": "summary", "text": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0424" }, { "category": "external", "summary": "RHBZ#1053504", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1053504" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0424", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0424" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0424", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0424" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html#AppendixJAVA" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "JDK: unspecified vulnerability fixed in 6u71 and 7u51 (Deployment)" }, { "cve": "CVE-2014-0428", "discovery_date": "2014-01-07T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1051519" } ], "notes": [ { "category": "description", "text": "Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to \"insufficient security checks in IIOP streams,\" which allows attackers to escape the sandbox.", "title": "Vulnerability description" }, { "category": "summary", "text": "OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2014-0428" }, { "category": "external", "summary": "RHBZ#1051519", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051519" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2014-0428", "url": "https://www.cve.org/CVERecord?id=CVE-2014-0428" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2014-0428", "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0428" }, { "category": "external", "summary": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" } ], "release_date": "2014-01-14T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2014-01-15T19:17:27+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258", "product_ids": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2014:0030" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "products": [ "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Client-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el5_10.x86_64", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.i386", "5Server-Supplementary-5.10.Z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el5_10.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Client-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6ComputeNode-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Server-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-devel-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-javafx-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-jdbc-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-plugin-1:1.7.0.51-1jpp.1.el6_5.x86_64", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.i686", "6Workstation-Supplementary-6.5.z:java-1.7.0-oracle-src-1:1.7.0.51-1jpp.1.el6_5.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Critical" } ], "title": "OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)" } ] }
ghsa-q5hj-g9q3-fcqh
Vulnerability from github
Published
2022-05-13 01:16
Modified
2022-05-13 01:16
Details
Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.
{ "affected": [], "aliases": [ "CVE-2013-5893" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2014-01-15T16:08:00Z", "severity": "HIGH" }, "details": "Unspecified vulnerability in Oracle Java SE 7u45 and Java SE Embedded 7u45, and OpenJDK 7, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to improper handling of methods in MethodHandles in HotSpot JVM, which allows attackers to escape the sandbox.", "id": "GHSA-q5hj-g9q3-fcqh", "modified": "2022-05-13T01:16:43Z", "published": "2022-05-13T01:16:43Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-5893" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1051549" }, { "type": "WEB", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04166777" }, { "type": "WEB", "url": "http://hg.openjdk.java.net/jdk7u/jdk7u/hotspot/rev/839100e42498" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00105.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00107.html" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00000.html" }, { "type": "WEB", "url": "http://marc.info/?l=bugtraq\u0026m=139402697611681\u0026w=2" }, { "type": "WEB", "url": "http://osvdb.org/102000" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2014-0026.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2014-0027.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2014-0030.html" }, { "type": "WEB", "url": "http://secunia.com/advisories/56432" }, { "type": "WEB", "url": "http://secunia.com/advisories/56485" }, { "type": "WEB", "url": "http://secunia.com/advisories/56486" }, { "type": "WEB", "url": "http://secunia.com/advisories/56535" }, { "type": "WEB", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/64758" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/64863" }, { "type": "WEB", "url": "http://www.securitytracker.com/id/1029608" }, { "type": "WEB", "url": "http://www.ubuntu.com/usn/USN-2089-1" } ], "schema_version": "1.4.0", "severity": [] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.