Lucene search

K

OracleCVE-2015-4840

HistoryOct 21, 2015 - 11:59 p.m.

CVE-2015-4840

2015-10-2123:59:08

oracle

web.nvd.nist.gov

96

cve-2015-4840

oracle

java

vulnerability

2d

nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.2

Confidence

Low

EPSS

0.008

Percentile

81.6%

Unspecified vulnerability in Oracle Java SE 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via unknown vectors related to 2D.

Affected configurations

Nvd

Node

oraclejdkMatch1.7.0update85

OR

oraclejdkMatch1.8.0update51

OR

oraclejdkMatch1.8.0update60

OR

oraclejreMatch1.7.0update_85

OR

oraclejreMatch1.8.0update_51

OR

oraclejreMatch1.8.0update_60

VendorProductVersionCPE
oraclejdk1.7.0cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*
oraclejre1.7.0cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*

References

lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

rhn.redhat.com/errata/RHSA-2015-1919.html

rhn.redhat.com/errata/RHSA-2015-1920.html

rhn.redhat.com/errata/RHSA-2015-1921.html

rhn.redhat.com/errata/RHSA-2015-1926.html

rhn.redhat.com/errata/RHSA-2015-1927.html

rhn.redhat.com/errata/RHSA-2015-2506.html

rhn.redhat.com/errata/RHSA-2015-2507.html

rhn.redhat.com/errata/RHSA-2015-2509.html

www.debian.org/security/2015/dsa-3381

www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/77242

www.securitytracker.com/id/1033884

www.ubuntu.com/usn/USN-2784-1

access.redhat.com/errata/RHSA-2016:1430

security.gentoo.org/glsa/201603-11

security.gentoo.org/glsa/201603-14

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

AI Score

5.2

Confidence

Low

EPSS

0.008

Percentile

81.6%

Related for CVE-2015-4840

prion1 debiancve1 nvd1 ubuntucve1 cvelist1 openvas39 ibm14 nessus46 suse17 amazon2 oraclelinux3 centos3 redhat9 ubuntu1 veracode17 debian2 mageia1 archlinux6 aix1 f52 freebsd1 kaspersky1 gentoo2 osv2 securityvulns1 oracle1