Lucene search

OracleCVE-2015-4901

HistoryOct 22, 2015 - 12:00 a.m.

CVE-2015-4901

2015-10-2200:00:01

oracle

web.nvd.nist.gov

cve-2015-4901

oracle

java

se 8u60

vulnerability

confidentiality

integrity

availability

remote attackers

javafx

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

3.6

Confidence

High

EPSS

0.011

Percentile

84.6%

JSON

Unspecified vulnerability in Oracle Java SE 8u60 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to JavaFX.

Affected configurations

Nvd

Node

oraclejdkMatch1.8.0update60

oraclejreMatch1.8.0update_60

VendorProductVersionCPE
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	jdk	1.8.0	cpe:2.3:a:oracle:jdk:1.8.0:update60::::::
oracle	jre	1.8.0	cpe:2.3:a:oracle:jre:1.8.0:update_60::::::

References

lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

rhn.redhat.com/errata/RHSA-2015-1926.html

www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

www.securityfocus.com/bid/77226

www.securitytracker.com/id/1033884

security.gentoo.org/glsa/201603-11

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

3.6

Confidence

High

EPSS

0.011

Percentile

84.6%

JSON

Related for CVE-2015-4901