10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
Recent assessments:
gwillcox-r7 at November 23, 2020 6:11pm UTC reported:
Reported as exploited in the wild as part of Google’s 2020 0day vulnerability spreadsheet they made available at <https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=1869060786>. Original tweet announcing this spreadsheet with the 2020 findings can be found at <https://twitter.com/maddiestone/status/1329837665378725888>
Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0
lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
rhn.redhat.com/errata/RHSA-2015-1228.html
rhn.redhat.com/errata/RHSA-2015-1229.html
rhn.redhat.com/errata/RHSA-2015-1230.html
rhn.redhat.com/errata/RHSA-2015-1241.html
rhn.redhat.com/errata/RHSA-2015-1242.html
rhn.redhat.com/errata/RHSA-2015-1243.html
rhn.redhat.com/errata/RHSA-2015-1485.html
rhn.redhat.com/errata/RHSA-2015-1486.html
rhn.redhat.com/errata/RHSA-2015-1488.html
rhn.redhat.com/errata/RHSA-2015-1526.html
rhn.redhat.com/errata/RHSA-2015-1544.html
rhn.redhat.com/errata/RHSA-2015-1604.html
www.debian.org/security/2015/dsa-3316
www.debian.org/security/2015/dsa-3339
www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
www.securityfocus.com/bid/75818
www.securitytracker.com/id/1032910
www.ubuntu.com/usn/USN-2696-1
www.ubuntu.com/usn/USN-2706-1
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2590
security.gentoo.org/glsa/201603-11
security.gentoo.org/glsa/201603-14