Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10548
HistoryApr 14, 2015 - 12:00 a.m.

KLA10548 Multiple vulnerabilities in Oracle products

2015-04-1400:00:00
Kaspersky Lab
threats.kaspersky.com
89

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0.948

Percentile

99.3%

JSON

An unspecified vulnerabilities were found in Oracle products. By exploiting these vulnerabilities malicious users can affect integrity, availability and confidentiality. These vulnerabilities can be exploited remotely via an unknown vectors related to 2D, Hotspot, JavaFX, Delpoyment, Tools, JSSE, Beans and JCE.

Original advisories

Oracle bulletin

Related products

Oracle-Java-JRE-1.7.x

Oracle-Java-JDK-1.7.x

Oracle-Java-JDK-1.8.x-3

Oracle-Java-JRE-1.8.x

Oracle-JRockit

CVE list

CVE-2015-0204 warning

CVE-2015-0484 high

CVE-2015-0492 critical

CVE-2015-0469 critical

CVE-2015-0478 warning

CVE-2015-0480 high

CVE-2015-0477 warning

CVE-2015-0458 critical

CVE-2015-0459 critical

CVE-2015-0470 warning

CVE-2015-0488 critical

CVE-2015-0486 critical

CVE-2015-0491 critical

CVE-2015-0460 critical

Solution

Update to the latest version

Get Java SE

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • LoI

Loss of integrity. Exploitation of vulnerabilities with this impact can lead to partial system fault or system components connection disruption.

Affected Products

  • Oracle Java SE 5u81, 6u91, 7u76, 8u40Oracle JavaFX 2.2.76Oracle JRockit R28.3.5

Related

nessus 51
kaspersky 1
openvas 48
suse 10
f5 3
ibm 13
redhat 12
debian 3
osv 3
ubuntu 2
archlinux 6
centos 4
veracode 11
amazon 3
oraclelinux 4
mageia 1
aix 1
atlassian 3
nvd 3
debiancve 3
prion 4
ubuntucve 3
cve 4
cvelist 3
nessus
nessus
Oracle Java SE Multiple Vulnerabilities (April 2015 CPU) (FREAK)
2015-04-16 00:00:00
Oracle Java SE 8 < Update 41 Multiple Vulnerabilities
2015-01-22 00:00:00
Oracle Java SE 7 < Update 77 Multiple Vulnerabilities
2015-01-22 00:00:00
kaspersky
kaspersky
KLA10551 Code execution vulnerabilities in Microsoft Office
2015-04-14 00:00:00
openvas
openvas
openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2015:0773-1)
2015-09-18 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0789-1)
2021-04-19 00:00:00
SUSE: Security Advisory for java-1_7_0-openjdk (SUSE-SU-2015:0833-1)
2015-10-16 00:00:00
suse
suse
Security update for java-1_8_0-openjdk (important)
2015-04-27 13:05:39
Security update for java-1_7_0-openjdk (important)
2015-04-27 13:05:55
Security update for java-1_7_0-openjdk (critical)
2015-05-07 21:04:54
f5
f5
K17125 : Multiple Java vulnerabilities
2015-08-12 00:00:00
SOL17125 - Multiple Java vulnerabilities
2015-08-12 00:00:00
SOL17136 - Java and JRockit vulnerabilities CVE-2015-0478 and CVE-2015-0488
2015-08-24 00:00:00
ibm
ibm
Security Bulletin: April 2015 Java Platform Standard Edition Vulnerabilities in Multiple N series Products
2018-06-18 00:28:27
Security Bulletin: CICS Transaction Gateway for Multiplatforms
2018-06-15 07:03:06
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Tivoli Storage Productivity Center April 2015 CPU
2022-08-19 23:26:06
redhat
redhat
(RHSA-2015:0854) Critical: java-1.8.0-oracle security update
2015-04-17 09:51:55
(RHSA-2015:0857) Critical: java-1.7.0-oracle security update
2015-04-20 13:52:00
(RHSA-2015:0858) Important: java-1.6.0-sun security update
2015-04-20 14:05:19
debian
debian
[SECURITY] [DSA 3234-1] openjdk-6 security update
2015-04-24 18:39:47
[SECURITY] [DSA 3235-1] openjdk-7 security update
2015-04-24 18:41:20
[SECURITY] [DLA 213-1] openjdk-6 security update
2015-04-30 13:41:01
osv
osv
openjdk-6 - security update
2015-04-30 00:00:00
openjdk-6 - security update
2015-04-24 00:00:00
openjdk-7 - security update
2015-04-24 00:00:00
ubuntu
ubuntu
OpenJDK 6 vulnerabilities
2015-04-21 00:00:00
OpenJDK 7 vulnerabilities
2015-04-21 00:00:00
archlinux
archlinux
jre8-openjdk: multiple issues
2015-04-17 00:00:00
jre8-openjdk-headless: multiple issues
2015-04-17 00:00:00
jdk8-openjdk: multiple issues
2015-04-17 00:00:00
centos
centos
java security update
2015-04-15 11:10:56
java security update
2015-04-15 11:08:38
java security update
2015-04-15 11:09:51
veracode
veracode
Sandbox Protection Bypass
2019-05-02 05:13:16
Sandbox Protection Bypass
2019-05-02 05:13:14
Sandbox Protection Bypass
2019-05-02 05:13:14
amazon
amazon
Important: java-1.8.0-openjdk
2015-05-05 15:44:00
Important: java-1.7.0-openjdk
2015-04-23 00:44:00
Important: java-1.6.0-openjdk
2015-04-23 00:44:00
oraclelinux
oraclelinux
java-1.8.0-openjdk security update
2015-04-15 00:00:00
java-1.7.0-openjdk security update
2015-04-15 00:00:00
java-1.6.0-openjdk security update
2015-04-15 00:00:00
mageia
mageia
Updated java-1.7.0-openjdk packages fix security vulnerabilities
2015-04-15 20:22:53
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2015-06-03 12:58:42
atlassian
atlassian
Multiple vulnerabilites in Java 1.7.0_15
2015-04-16 06:32:43
Multiple vulnerabilites in Java 1.7.0_15
2015-04-16 06:32:43
Multiple vulnerabilites in Java 1.7.0_15
2015-04-16 06:32:43
nvd
nvd
CVE-2015-0492
2015-04-16 16:59:43
CVE-2015-0484
2015-04-16 16:59:36
CVE-2015-0491
2015-04-16 16:59:42
debiancve
debiancve
CVE-2015-0492
2015-04-16 16:59:43
CVE-2015-0491
2015-04-16 16:59:42
CVE-2015-0484
2015-04-16 16:59:36
prion
prion
Design/Logic Flaw
2015-04-16 16:59:00
Design/Logic Flaw
2015-04-16 16:59:00
Design/Logic Flaw
2015-04-16 16:59:00
ubuntucve
ubuntucve
CVE-2015-0484
2015-04-16 00:00:00
CVE-2015-0492
2015-04-16 00:00:00
CVE-2015-0459
2015-04-16 00:00:00
cve
cve
CVE-2015-0484
2015-04-16 16:59:36
CVE-2015-0491
2015-04-16 16:59:42
CVE-2015-0492
2015-04-16 16:59:43
cvelist
cvelist
CVE-2015-0491
2015-04-16 16:00:00
CVE-2015-0492
2015-04-16 16:00:00
CVE-2015-0484
2015-04-16 16:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.4

Confidence

Low

EPSS

0.948

Percentile

99.3%

JSON
Related for KLA10548
nessus51kaspersky1openvas48suse10f53ibm13redhat12debian3osv3ubuntu2archlinux6centos4veracode11amazon3oraclelinux4mageia1aix1atlassian3nvd3debiancve3prion4ubuntucve3cve4cvelist3