Remote Code Execution Vulnerability in Oracle Java SE and JavaFX
CVE-2014-2401

Currently unrated

Key Information:

Vendor: Oracle
Status: Javafx; Jdk; Jre
Vendor: CVE Published:; 16 April 2014

What is CVE-2014-2401?

An unspecified vulnerability in Oracle's Java SE and JavaFX products exposes systems to potential exploitation by remote attackers. This vulnerability affects specific versions of Java SE, including 5.0, 6, 7, and 8, as well as JavaFX. The issue is related to components handling 2D graphics and could allow attackers to access sensitive information, compromising confidentiality through unknown vectors. Users are encouraged to apply security patches and updates to mitigate the risk associated with this vulnerability.

References

https://www.ibm.com/support/docview.wss?uid=swg21675973

x_refsource_CONFIRM

https://access.redhat.com/errata/RHSA-2014:0414

vendor-advisoryx_refsource_REDHAT

http://marc.info/?l=bugtraq&m=140852886808946&w=2

vendor-advisoryx_refsource_HP

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 16, 2014
Vulnerability Reserved
Mar 13, 2014