Lucene search

[email protected]CVE-2015-4903

HistoryOct 22, 2015 - 12:00 a.m.

CVE-2015-4903

2015-10-2200:00:04

[email protected]

web.nvd.nist.gov

cve-2015-4903

oracle

java se

vulnerability

confidentiality

rmi

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5 Medium

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.5%

JSON

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.

Affected configurations

NVD

Node

oraclejdkMatch1.6.0update101

oraclejdkMatch1.7.0update85

oraclejdkMatch1.8.0update51

oraclejdkMatch1.8.0update60

oraclejreMatch1.6.0update_101

oraclejreMatch1.7.0update_85

oraclejreMatch1.8.0update_51

oraclejreMatch1.8.0update_60

CPENameOperatorVersion
oracle:jdkoracle jdkeq1.6.0
oracle:jdkoracle jdkeq1.7.0
oracle:jdkoracle jdkeq1.8.0
oracle:jreoracle jreeq1.6.0
oracle:jreoracle jreeq1.7.0
oracle:jreoracle jreeq1.8.0

CPE	Name	Operator	Version
oracle:jdk	oracle jdk	eq	1.6.0
oracle:jdk	oracle jdk	eq	1.7.0
oracle:jdk	oracle jdk	eq	1.8.0
oracle:jre	oracle jre	eq	1.6.0
oracle:jre	oracle jre	eq	1.7.0
oracle:jre	oracle jre	eq	1.8.0

References

lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

rhn.redhat.com/errata/RHSA-2015-1919.html

rhn.redhat.com/errata/RHSA-2015-1920.html

rhn.redhat.com/errata/RHSA-2015-1921.html

rhn.redhat.com/errata/RHSA-2015-1926.html

rhn.redhat.com/errata/RHSA-2015-1927.html

rhn.redhat.com/errata/RHSA-2015-1928.html

rhn.redhat.com/errata/RHSA-2015-2506.html

rhn.redhat.com/errata/RHSA-2015-2507.html

rhn.redhat.com/errata/RHSA-2015-2508.html

rhn.redhat.com/errata/RHSA-2015-2509.html

rhn.redhat.com/errata/RHSA-2015-2518.html

www.debian.org/security/2015/dsa-3381

www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/77194

www.securitytracker.com/id/1033884

www.ubuntu.com/usn/USN-2784-1

www.ubuntu.com/usn/USN-2827-1

access.redhat.com/errata/RHSA-2016:1430

security.gentoo.org/glsa/201603-11

security.gentoo.org/glsa/201603-14

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

5 Medium

AI Score

Confidence

Low

0.009 Low

EPSS

Percentile

82.5%

JSON

Related for CVE-2015-4903

ubuntucve1 prion1 nvd1 debiancve1 cvelist1 ibm15 redhat13 nessus54 openvas47 amazon3 veracode19 debian3 centos4 oraclelinux4 suse17 ubuntu2 mageia1 archlinux6 aix1 freebsd1 f52 kaspersky1 gentoo1