Lucene search

OracleCVE-2015-4805

HistoryOct 21, 2015 - 9:59 p.m.

CVE-2015-4805

2015-10-2121:59:22

oracle

web.nvd.nist.gov

128

cve-2015-4805

oracle java

remote attack

confidentiality

integrity

availability

serialization

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

5.2

Confidence

Low

EPSS

0.083

Percentile

94.4%

JSON

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Serialization.

Affected configurations

Nvd

Node

oraclejdkMatch1.6.0update101

oraclejdkMatch1.7.0update85

oraclejdkMatch1.8.0update51

oraclejdkMatch1.8.0update60

oraclejreMatch1.6.0update_101

oraclejreMatch1.7.0update_85

oraclejreMatch1.8.0update_51

oraclejreMatch1.8.0update_60

VendorProductVersionCPE
oraclejdk1.6.0cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*
oraclejdk1.7.0cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*
oraclejre1.6.0cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*
oraclejre1.7.0cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	jdk	1.6.0	cpe:2.3:a:oracle:jdk:1.6.0:update101::::::
oracle	jdk	1.7.0	cpe:2.3:a:oracle:jdk:1.7.0:update85::::::
oracle	jdk	1.8.0	cpe:2.3:a:oracle:jdk:1.8.0:update51::::::
oracle	jdk	1.8.0	cpe:2.3:a:oracle:jdk:1.8.0:update60::::::
oracle	jre	1.6.0	cpe:2.3:a:oracle:jre:1.6.0:update_101::::::
oracle	jre	1.7.0	cpe:2.3:a:oracle:jre:1.7.0:update_85::::::
oracle	jre	1.8.0	cpe:2.3:a:oracle:jre:1.8.0:update_51::::::
oracle	jre	1.8.0	cpe:2.3:a:oracle:jre:1.8.0:update_60::::::

References

lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

rhn.redhat.com/errata/RHSA-2015-1919.html

rhn.redhat.com/errata/RHSA-2015-1920.html

rhn.redhat.com/errata/RHSA-2015-1921.html

rhn.redhat.com/errata/RHSA-2015-1926.html

rhn.redhat.com/errata/RHSA-2015-1927.html

rhn.redhat.com/errata/RHSA-2015-1928.html

rhn.redhat.com/errata/RHSA-2015-2506.html

rhn.redhat.com/errata/RHSA-2015-2507.html

rhn.redhat.com/errata/RHSA-2015-2508.html

rhn.redhat.com/errata/RHSA-2015-2509.html

rhn.redhat.com/errata/RHSA-2015-2518.html

www.debian.org/security/2015/dsa-3381

www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/77163

www.securitytracker.com/id/1033884

www.ubuntu.com/usn/USN-2784-1

www.ubuntu.com/usn/USN-2827-1

access.redhat.com/errata/RHSA-2016:1430

security.gentoo.org/glsa/201603-11

security.gentoo.org/glsa/201603-14

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

5.2

Confidence

Low

EPSS

0.083

Percentile

94.4%

JSON

Related for CVE-2015-4805