Executive Summary

Title OpenJDK 7 vulnerability
Name USN-3942-1 First vendor Publication 2019-04-09
Vendor Ubuntu Last vendor Modification 2019-04-09
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Cvss Base Score 4.3 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores


A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS


Java applets or applications could be made to expose sensitive information.

Software Description: - openjdk-7: Open Source Java implementation


It was discovered that a memory disclosure issue existed in the OpenJDK Library subsystem. An attacker could use this to expose sensitive information and possibly bypass Java sandbox restrictions.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.04 LTS:
icedtea-7-jre-jamvm 7u211-2.6.17-0ubuntu0.1
openjdk-7-jdk 7u211-2.6.17-0ubuntu0.1
openjdk-7-jre 7u211-2.6.17-0ubuntu0.1

This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any Java applications or applets to make all the necessary changes.


Package Information:

Original Source

Url : http://www.ubuntu.com/usn/USN-3942-1

CPE : Common Platform Enumeration

Application 3
Application 1
Application 2
Application 3
Application 3
Application 1
Os 4
Os 2
Os 1
Os 2
Os 3
Os 1
Os 1
Os 1
Os 2

Alert History

If you want to see full details history, please login or register.
Date Informations
2019-04-09 05:18:37
  • First insertion