Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 1119918 - (CVE-2014-4247) CVE-2014-4247 Oracle JDK: unspecified vulnerability fixed in 8u11 (JavaFX)
CVE-2014-4247 Oracle JDK: unspecified vulnerability fixed in 8u11 (JavaFX)
Status: CLOSED NOTABUG
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
urgent Severity urgent
: ---
: ---
Assigned To: Red Hat Product Security
impact=critical,public=20140715,repor...
: Security
Depends On:
Blocks: 1115835
  Show dependency treegraph
 
Reported: 2014-07-15 16:26 EDT by Tomas Hoger
Modified: 2014-07-15 16:33 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-07-15 16:33:49 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tomas Hoger 2014-07-15 16:26:01 EDT
Oracle Java SE 8u11 fixes an unspecified vulnerability in the JavaFX component (CVE-2014-4247).  Upstream has CVSSv2 scored this issue as: 9.3/AV:N/AC:M/Au:N/C:C/I:C/A:C

External Reference:

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixJAVA
Comment 1 Tomas Hoger 2014-07-15 16:33:49 EDT
This only affected Oracle Java SE 8.  Only versions 6 and 7 are currently provided as part of Oracle Java channels for Red Hat Enterprise Linux.

Note You need to log in before you can comment on or make changes to this bug.