Kaspersky ID:
KLA10001
Дата обнаружения:
30/04/2014
Обновлено:
03/06/2020

Описание

Multiple serious vulnerabilities have been found in Oracle Java Runtime Environment & Java Development Kit: 5.61, 6.71, 7.51, 8. Malicious use of these vulnerabilities can affect confidentiality, integrity and availability, cause denial of service, obtain sensitive information or overwrite arbitrary files.

Below is a complete list of vulnerabilities

  1. Vectors related to 2D, Libraries, Hotspot, JavaFX, Deployment, AWT, JAX-WS, JAXB, Security, Sound, JNDI, JAXP, Scripting, Javadoc and other unknown points can be exploited to affect confidentiality, integrity and availability.
  2. Zero-size PLTE chunk or NULL palette, related to pngrtran.c and pngset.c.
  3. Unintialized memory locations at get_sos from libjpeg (6b) & libjpeg-turbo (through 1.3.0).
  4. Nonsecurely temporary files creation at unpacker::redirect_stdio from unpack200.

Первичный источник обнаружения

Связанные продукты

Список CVE

  • CVE-2013-6629
    critical
  • CVE-2014-2414
    critical
  • CVE-2014-2402
    critical
  • CVE-2014-0446
    critical
  • CVE-2014-0454
    critical
  • CVE-2014-2427
    critical
  • CVE-2014-2422
    high
  • CVE-2014-2409
    high
  • CVE-2014-0460
    high
  • CVE-2013-6954
    critical
  • CVE-2014-2410
    critical
  • CVE-2014-2397
    critical
  • CVE-2014-0456
    critical
  • CVE-2014-2421
    critical
  • CVE-2014-0429
    critical
  • CVE-2014-0457
    critical
  • CVE-2014-2398
    warning
  • CVE-2014-0453
    warning
  • CVE-2014-2413
    warning
  • CVE-2014-0459
    warning
  • CVE-2014-0464
    warning
  • CVE-2014-0463
    warning
  • CVE-2014-2401
    critical
  • CVE-2014-2403
    critical
  • CVE-2014-2420
    warning
  • CVE-2014-1876
    warning
  • CVE-2014-0452
    critical
  • CVE-2014-2423
    critical
  • CVE-2014-2412
    critical
  • CVE-2014-2428
    critical
  • CVE-2014-0458
    critical
  • CVE-2014-0451
    critical
  • CVE-2014-0455
    critical
  • CVE-2014-0432
    critical
  • CVE-2014-0448
    critical
  • CVE-2014-0461
    critical

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.