Unspecified vulnerability in the JavaFX component in Oracle Java SE JavaFX 2.2.4 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than other CVEs listed in the February 2013 CPU. NOTE: the previous information is from the February 2013 CPU. Oracle has not commented on claims from a third party that the issue allows remote attackers to execute arbitrary code via vectors related to an invalid type cast and exposed native methods in the T2KGlyph class.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Javafx | Oracle | * | 2.2.4 (including) |
| Javafx | Oracle | 2.0 (including) | 2.0 (including) |
| Javafx | Oracle | 2.0.2 (including) | 2.0.2 (including) |
| Javafx | Oracle | 2.0.3 (including) | 2.0.3 (including) |
| Javafx | Oracle | 2.1 (including) | 2.1 (including) |
| Javafx | Oracle | 2.2 (including) | 2.2 (including) |
| Javafx | Oracle | 2.2.3 (including) | 2.2.3 (including) |
| Openjdk-6 | Ubuntu | hardy | * |
| Openjdk-6b18 | Ubuntu | lucid | * |
| Openjdk-6b18 | Ubuntu | oneiric | * |
| Sun-java5 | Ubuntu | hardy | * |
| Sun-java5 | Ubuntu | upstream | * |
| Sun-java6 | Ubuntu | hardy | * |