First published: Mon Apr 14 2014(Updated: )
It was discovered that the AlgorithmChecker and SignatureAndHashAlgorithm classes did not properly prevent the SIGNATURE_PRIMITIVE_SET set from being modified. An untrusted Java application or applet could possibly use this flaw to alter the content of the SIGNATURE_PRIMITIVE_SET set.
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
Canonical Ubuntu Linux | =12.10 | |
Canonical Ubuntu Linux | =13.10 | |
Canonical Ubuntu Linux | =14.04 | |
Oracle JDK | =1.7.0-update51 | |
Oracle JDK | =1.8.0 | |
Oracle JRE | =1.7.0-update51 | |
Oracle JRE | =1.8.0 | |
IBM Forms Viewer | >=4.0.0<4.0.0.3 | |
IBM Forms Viewer | >=8.0.0<8.0.1.1 | |
Microsoft Windows | ||
redhat/icedtea | <2.4.7 | 2.4.7 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.