what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2014-100

Posted May 19, 2014

Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-100 - An input validation flaw was discovered in the medialib library in the 2D component. A specially crafted image could trigger Java Virtual Machine memory corruption when processed. A remote attacker, or an untrusted Java application or applet, could possibly use this flaw to execute arbitrary code with the privileges of the user running the Java Virtual Machine. Multiple flaws were discovered in the Hotspot and 2D components in OpenJDK. An untrusted Java application or applet could use these flaws to trigger Java Virtual Machine memory corruption and possibly bypass Java sandbox restrictions. Various other issues have also been addressed.

tags | advisory, java, remote, arbitrary

systems | linux, mandriva

advisories | CVE-2014-0429, CVE-2014-0446, CVE-2014-0451, CVE-2014-0452, CVE-2014-0453, CVE-2014-0454, CVE-2014-0455, CVE-2014-0456, CVE-2014-0457, CVE-2014-0458, CVE-2014-0459, CVE-2014-0460, CVE-2014-0461, CVE-2014-1876, CVE-2014-2397, CVE-2014-2398, CVE-2014-2402, CVE-2014-2403, CVE-2014-2412, CVE-2014-2413, CVE-2014-2414, CVE-2014-2421, CVE-2014-2423, CVE-2014-2427

SHA-256 | 91824bad36582882c00f6a76ee8ba050b4a1bf940847bce7892c312648b1fe08

Download | Favorite | View

Related Files

No related files