Launchpad.net

CVE 2014-0368

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45, and Java SE Embedded 7u45, allows remote attackers to affect confidentiality via unknown vectors related to Networking. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that the issue is related to incorrect permission checks when listening on a socket, which allows attackers to escape the sandbox.

Related bugs and status

CVE-2014-0368 (Candidate) is related to these bugs:

Bug #1283828: "Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4

		In	Importance	Status
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu Quantal)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu Saucy)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu Trusty)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu Lucid)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-6 (Ubuntu Precise)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-7 (Ubuntu)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-7 (Ubuntu Precise)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-7 (Ubuntu Quantal)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-7 (Ubuntu Saucy)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	openjdk-7 (Ubuntu Trusty)	Undecided	Fix Released
1283828	"Cannot find any provider supporting RSA/ECB/OAEPPadding" error after upgrading to openjdk-6 6b27-1.12.6-1ubuntu0.12.04.4	Iced Tea	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://www.oracle.com/...
BID: 64758
MISC: http://hg.openjdk.java...
CONFIRM: https://bugzilla.redha...
BID: 64930
SECTRACK: 1029608
SECUNIA: 56432
SECUNIA: 56485
SECUNIA: 56486
SECUNIA: 56535
REDHAT: RHSA-2014:0026
REDHAT: RHSA-2014:0027
REDHAT: RHSA-2014:0097
REDHAT: RHSA-2014:0136
REDHAT: RHSA-2014:0030
REDHAT: RHSA-2014:0134
REDHAT: RHSA-2014:0135
SUSE: openSUSE-SU-2014:0174
SUSE: SUSE-SU-2014:0246
SUSE: SUSE-SU-2014:0266
SUSE: openSUSE-SU-2014:0177
SUSE: openSUSE-SU-2014:0180
UBUNTU: USN-2089-1
UBUNTU: USN-2124-1
SUSE: SUSE-SU-2014:0451
CONFIRM: https://h20566.www2.hp...
CONFIRM: http://www-01.ibm.com/...
SECUNIA: 59235
SECUNIA: 59339
HP: HPSBUX02972
HP: HPSBUX02973
HP: SSRT101454
HP: SSRT101455
REDHAT: RHSA-2014:0414