OracleCVE-2015-4881CVE-2015-4881
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
94.4%
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835.
Affected configurations
| Vendor | Product | Version | CPE |
|---|---|---|---|
| oracle | jdk | 1.6.0 | cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:* |
| oracle | jdk | 1.7.0 | cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:* |
| oracle | jdk | 1.8.0 | cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:* |
| oracle | jdk | 1.8.0 | cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:* |
| oracle | jre | 1.6.0 | cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:* |
| oracle | jre | 1.7.0 | cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:* |
| oracle | jre | 1.8.0 | cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:* |
| oracle | jre | 1.8.0 | cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:* |
References
lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html
lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html
lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html
lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html
lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html
lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html
lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
rhn.redhat.com/errata/RHSA-2015-1919.html
rhn.redhat.com/errata/RHSA-2015-1920.html
rhn.redhat.com/errata/RHSA-2015-1921.html
rhn.redhat.com/errata/RHSA-2015-1926.html
rhn.redhat.com/errata/RHSA-2015-1927.html
rhn.redhat.com/errata/RHSA-2015-1928.html
www.debian.org/security/2015/dsa-3381
www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
www.securityfocus.com/bid/77159
www.securitytracker.com/id/1033884
www.ubuntu.com/usn/USN-2784-1
www.ubuntu.com/usn/USN-2827-1
security.gentoo.org/glsa/201603-11
security.gentoo.org/glsa/201603-14
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
94.4%