CVE-2014-0416

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2014-0416 at MITRE

Description

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect integrity via vectors related to JAAS. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to how principals are set for the Subject class, which allows attackers to escape the sandbox using deserialization of a crafted Subject instance.

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:P/A:N)

SUSE information

SUSE Bugzilla entries: 858818, 862064

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP3
  • java-1_7_0-openjdk >= 1.7.0.6-0.23.1
  • java-1_7_0-openjdk-demo >= 1.7.0.6-0.23.1
  • java-1_7_0-openjdk-devel >= 1.7.0.6-0.23.1
Patchnames:
sledsp3-java-1_7_0-openjdk
SUSE Linux Enterprise Server 11 SP1-LTSS
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-alsa >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
Patchnames:
slessp1-java-1_6_0-ibm
SUSE Linux Enterprise Server 11 SP2-LTSS
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-alsa >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
  • java-1_7_0-ibm >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-alsa >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-jdbc >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-plugin >= 1.7.0_sr6.1-0.8.1
Patchnames:
slessp2-java-1_6_0-ibm
slessp2-java-1_7_0-ibm
SUSE Linux Enterprise Server 11 SP3
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-alsa >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
  • java-1_7_0-ibm >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-alsa >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-jdbc >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-plugin >= 1.7.0_sr6.1-0.8.1
Patchnames:
slessp3-java-1_6_0-ibm
slessp3-java-1_7_0-ibm
SUSE Linux Enterprise Server for VMWare 11 SP3
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-alsa >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
  • java-1_7_0-ibm >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-alsa >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-jdbc >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-plugin >= 1.7.0_sr6.1-0.8.1
Patchnames:
slessp3-java-1_6_0-ibm
slessp3-java-1_7_0-ibm
SUSE Linux Enterprise Software Development Kit 11 SP3
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_7_0-ibm-devel >= 1.7.0_sr6.1-0.8.1
Patchnames:
sdksp3-java-1_6_0-ibm
sdksp3-java-1_7_0-ibm
SUSE Manager 1.7
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
Patchnames:
sleman17sp2-java-1_6_0-ibm
SUSE Manager 1.7 for SLE 11 SP2
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 9026
SUSE Linux Enterprise Server 10 SP4 LTSS for x86
  • java-1_5_0-ibm >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-alsa >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-devel >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-fonts >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-jdbc >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-plugin >= 1.5.0_sr16.5-0.6.1
Builds
ZYPP Patch Nr: 8781
SUSE Linux Enterprise Server 10 SP4 LTSS for IBM zSeries 64bit
  • java-1_5_0-ibm >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-32bit >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-devel >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-devel-32bit >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-fonts >= 1.5.0_sr16.5-0.6.1
Builds
ZYPP Patch Nr: 8781
SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T
  • java-1_5_0-ibm >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-32bit >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-alsa-32bit >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-devel >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-devel-32bit >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-fonts >= 1.5.0_sr16.5-0.6.1
Builds
ZYPP Patch Nr: 8781
SUSE Linux Enterprise Server 11 SP2 LTSS
  • java-1_7_0-ibm >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-alsa >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-jdbc >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-plugin >= 1.7.0_sr6.1-0.8.1
Builds
SAT Patch Nr: 8902
SUSE Linux Enterprise Server 11 SP2 LTSS
  • java-1_7_0-ibm >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-jdbc >= 1.7.0_sr6.1-0.8.1
Builds
SAT Patch Nr: 8902
SUSE Linux Enterprise Software Development Kit 11 SP3
  • java-1_7_0-ibm-devel >= 1.7.0_sr6.1-0.8.1
Builds
SAT Patch Nr: 8878
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • java-1_7_0-ibm >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-alsa >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-jdbc >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-plugin >= 1.7.0_sr6.1-0.8.1
Builds
SAT Patch Nr: 8878
SUSE Linux Enterprise Server 11 SP3
  • java-1_7_0-ibm >= 1.7.0_sr6.1-0.8.1
  • java-1_7_0-ibm-jdbc >= 1.7.0_sr6.1-0.8.1
Builds
SAT Patch Nr: 8878
SUSE Linux Enterprise Software Development Kit 11 SP3
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8896
SUSE Linux Enterprise Software Development Kit 11 SP3
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8896
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-alsa >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8896
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP3 for VMware
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8896
SUSE Linux Enterprise Server 11 SP3
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8896
SUSE CORE 9 for AMD64 and Intel EM64T
SUSE CORE 9 for IBM S/390 31bit
SUSE CORE 9 for IBM zSeries 64bit
SUSE CORE 9 for x86
  • IBMJava5-JRE >= 1.5.0_sr16.5-0.4
  • IBMJava5-SDK >= 1.5.0_sr16.5-0.4
Builds
YOU Patch Nr: 12993
SUSE Linux Enterprise Server 11 SP2 LTSS
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-alsa >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8900
SUSE Linux Enterprise Server 11 SP2 LTSS
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8900
SUSE Linux Enterprise Server 11 SP2 LTSS
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8900
SUSE Linux Enterprise Server 10 SP4 LTSS for x86
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-alsa >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.15.1
Builds
ZYPP Patch Nr: 8782
SUSE Linux Enterprise Server 10 SP4 LTSS for IBM zSeries 64bit
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-32bit >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-devel-32bit >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.15.1
Builds
ZYPP Patch Nr: 8782
SUSE Linux Enterprise Server 10 SP4 LTSS for AMD64 and Intel EM64T
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-32bit >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-alsa-32bit >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-devel-32bit >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.15.1
  • java-1_6_0-ibm-plugin-32bit >= 1.6.0_sr15.1-0.15.1
Builds
ZYPP Patch Nr: 8782
SUSE Linux Enterprise Desktop 11 SP3
  • java-1_7_0-openjdk >= 1.7.0.6-0.23.1
  • java-1_7_0-openjdk-demo >= 1.7.0.6-0.23.1
  • java-1_7_0-openjdk-devel >= 1.7.0.6-0.23.1
Builds
SAT Patch Nr: 8874
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-alsa >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.5.1
Builds
ZYPP Patch Nr: 8783
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-32bit >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-devel-32bit >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.5.1
Builds
ZYPP Patch Nr: 8783
SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-32bit >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-alsa-32bit >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-devel >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-devel-32bit >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.5.1
  • java-1_6_0-ibm-plugin-32bit >= 1.6.0_sr15.1-0.5.1
Builds
ZYPP Patch Nr: 8783
SUSE Linux Enterprise Server 10 SP3 LTSS for x86
  • java-1_5_0-ibm >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-alsa >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-devel >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-fonts >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-jdbc >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-plugin >= 1.5.0_sr16.5-0.6.1
Builds
ZYPP Patch Nr: 8780
SUSE Linux Enterprise Server 10 SP3 LTSS for IBM zSeries 64bit
  • java-1_5_0-ibm >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-32bit >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-devel >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-devel-32bit >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-fonts >= 1.5.0_sr16.5-0.6.1
Builds
ZYPP Patch Nr: 8780
SUSE Linux Enterprise Server 10 SP3 LTSS for AMD64 and Intel EM64T
  • java-1_5_0-ibm >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-32bit >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-alsa-32bit >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-devel >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-devel-32bit >= 1.5.0_sr16.5-0.6.1
  • java-1_5_0-ibm-fonts >= 1.5.0_sr16.5-0.6.1
Builds
ZYPP Patch Nr: 8780
SUSE Linux Enterprise Server 11 SP1 LTSS
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-alsa >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8901
SUSE Linux Enterprise Server 11 SP1 LTSS
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8901
SUSE Linux Enterprise Server 11 SP1 LTSS
  • java-1_6_0-ibm >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-fonts >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-jdbc >= 1.6.0_sr15.1-0.6.1
  • java-1_6_0-ibm-plugin >= 1.6.0_sr15.1-0.6.1
Builds
SAT Patch Nr: 8901
openSUSE 12.3
  • java-1_7_0-openjdk >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-accessibility >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-debuginfo >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-debugsource >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-demo >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-demo-debuginfo >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-devel >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-devel-debuginfo >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-headless >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-headless-debuginfo >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-javadoc >= 1.7.0.6-8.32.5
  • java-1_7_0-openjdk-src >= 1.7.0.6-8.32.5
Patchnames:
openSUSE-2014-96
openSUSE 13.1
  • java-1_7_0-openjdk >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-accessibility >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-debuginfo >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-debugsource >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-demo >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-demo-debuginfo >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-devel >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-devel-debuginfo >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-headless >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-headless-debuginfo >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-javadoc >= 1.7.0.6-24.13.5
  • java-1_7_0-openjdk-src >= 1.7.0.6-24.13.5
Patchnames:
openSUSE-2014-95