Advisory Published
CVE Published
Updated

CVE-2014-0429

First published: Mon Apr 14 2014(Updated: )

It was discovered that certain medialib operations do not properly validate that mlib and raster images correspond to each other. A remote attacker could possibly use this flaw to trigger a Java Virtual Machine memory corruption.

Credit: secalert_us@oracle.com

Affected SoftwareAffected VersionHow to fix
redhat/icedtea<1.13.3
1.13.3
redhat/icedtea<2.4.7
2.4.7
Ubuntu=10.04
Ubuntu=12.04
Ubuntu=12.10
Ubuntu=13.10
Ubuntu=14.04
Oracle Java SE=r27.8.1
Oracle Java SE=r28.3.1
Juniper Networks Junos Space<15.1
Oracle Java SE 7=1.5.0-update61
Oracle Java SE 7=1.6.0-update71
Oracle Java SE 7=1.7.0-update51
Oracle Java SE 7=1.8.0
Oracle JRE=1.5.0-update61
Oracle JRE=1.6.0-update71
Oracle JRE=1.7.0-update51
Oracle JRE=1.8.0
Debian Linux=6.0
Debian Linux=7.0
Debian Linux=8.0
IBM Forms Viewer>=4.0.0<4.0.0.3
IBM Forms Viewer>=8.0.0<8.0.1.1
Microsoft Windows Operating System

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2014-0429?

    CVE-2014-0429 is classified as a high severity vulnerability due to its potential to cause memory corruption in the Java Virtual Machine.

  • How do I fix CVE-2014-0429?

    To fix CVE-2014-0429, upgrade to the appropriate patched version of Java or IcedTea as specified in the vendor advisories.

  • Which software versions are affected by CVE-2014-0429?

    CVE-2014-0429 affects multiple versions of Oracle Java SE, IcedTea, and other products including specific versions of Ubuntu and Debian.

  • Can CVE-2014-0429 be exploited remotely?

    Yes, CVE-2014-0429 can be exploited remotely by an attacker to trigger memory corruption.

  • What types of systems are at risk from CVE-2014-0429?

    Systems running unpatched versions of Oracle JDK, JRE, and IcedTea are at risk from CVE-2014-0429.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203