CVE-2014-2410

critical

Published 2014-04-16 · Modified 2026-05-06

CVSS v3

—

CVSS v2

9.3

VIR risk

9.3

Description

Unspecified vulnerability in Oracle Java SE 8 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.

Predictions

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secalert_us@oracle.com — http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html

Application impact

Vendor	Product	Versions	Fixed
oracle	jdk	`1.8.0`
oracle	jre	`1.8.0`

References

http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.securityfocus.com/bid/66886
http://security.gentoo.org/glsa/glsa-201502-12.xml
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.securityfocus.com/bid/66886

Verify integrity in audit chain (admin only). AS-IS.