Lucene search

[email protected]CVE-2015-4882

HistoryOct 21, 2015 - 11:59 p.m.

CVE-2015-4882

2015-10-2123:59:45

[email protected]

web.nvd.nist.gov

cve-2015-4882

oracle java

vulnerability

remote attack

availability

corba

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.2 Medium

AI Score

Confidence

Low

0.033 Low

EPSS

Percentile

91.4%

JSON

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect availability via vectors related to CORBA.

Affected configurations

NVD

Node

oraclejdkMatch1.6.0update101

oraclejdkMatch1.7.0update85

oraclejdkMatch1.8.0update51

oraclejdkMatch1.8.0update60

oraclejreMatch1.6.0update_101

oraclejreMatch1.7.0update_85

oraclejreMatch1.8.0update_51

oraclejreMatch1.8.0update_60

CPENameOperatorVersion
oracle:jdkoracle jdkeq1.6.0
oracle:jdkoracle jdkeq1.7.0
oracle:jdkoracle jdkeq1.8.0
oracle:jreoracle jreeq1.6.0
oracle:jreoracle jreeq1.7.0
oracle:jreoracle jreeq1.8.0

CPE	Name	Operator	Version
oracle:jdk	oracle jdk	eq	1.6.0
oracle:jdk	oracle jdk	eq	1.7.0
oracle:jdk	oracle jdk	eq	1.8.0
oracle:jre	oracle jre	eq	1.6.0
oracle:jre	oracle jre	eq	1.7.0
oracle:jre	oracle jre	eq	1.8.0

References

lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

rhn.redhat.com/errata/RHSA-2015-1919.html

rhn.redhat.com/errata/RHSA-2015-1920.html

rhn.redhat.com/errata/RHSA-2015-1921.html

rhn.redhat.com/errata/RHSA-2015-1926.html

rhn.redhat.com/errata/RHSA-2015-1927.html

rhn.redhat.com/errata/RHSA-2015-1928.html

rhn.redhat.com/errata/RHSA-2015-2506.html

rhn.redhat.com/errata/RHSA-2015-2507.html

rhn.redhat.com/errata/RHSA-2015-2508.html

rhn.redhat.com/errata/RHSA-2015-2509.html

www.debian.org/security/2015/dsa-3381

www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/77181

www.securitytracker.com/id/1033884

www.ubuntu.com/usn/USN-2784-1

www.ubuntu.com/usn/USN-2827-1

access.redhat.com/errata/RHSA-2016:1430

security.gentoo.org/glsa/201603-11

security.gentoo.org/glsa/201603-14

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

5.2 Medium

AI Score

Confidence

Low

0.033 Low

EPSS

Percentile

91.4%

JSON

Related for CVE-2015-4882

debiancve1 prion1 nvd1 ubuntucve1 cvelist1 nessus55 ibm14 openvas47 amazon3 veracode19 redhat12 debian3 centos4 oraclelinux4 ubuntu2 suse17 mageia1 archlinux6 aix1 freebsd1 f52 kaspersky1 gentoo2