CVE-2014-0368
Publication date 15 January 2014
Last updated 24 July 2024
Ubuntu priority
Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.
Status
Package | Ubuntu Release | Status |
---|---|---|
openjdk-6 | 13.10 saucy |
Fixed 6b30-1.13.1-1ubuntu2~0.13.10.1
|
13.04 raring | Ignored end of life, was deferred | |
12.10 quantal |
Fixed 6b30-1.13.1-1ubuntu2~0.12.10.1
|
|
12.04 LTS precise |
Fixed 6b30-1.13.1-1ubuntu2~0.12.04.1
|
|
10.04 LTS lucid |
Fixed 6b30-1.13.1-1ubuntu2~0.10.04.1
|
|
openjdk-7 | 13.10 saucy |
Fixed 7u51-2.4.4-0ubuntu0.13.10.1
|
13.04 raring |
Fixed 7u51-2.4.4-0ubuntu0.13.04.2
|
|
12.10 quantal |
Fixed 7u51-2.4.4-0ubuntu0.12.10.2
|
|
12.04 LTS precise |
Fixed 7u51-2.4.4-0ubuntu0.12.04.2
|
|
10.04 LTS lucid | Not in release |
Notes
References
Related Ubuntu Security Notices (USN)
- USN-2089-1
- OpenJDK 7 vulnerabilities
- 23 January 2014
- USN-2124-1
- OpenJDK 6 vulnerabilities
- 27 February 2014