Lucene search

[email protected]NVD:CVE-2015-4844

HistoryOct 21, 2015 - 11:59 p.m.

CVE-2015-4844

2015-10-2123:59:12

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.1

Confidence

Low

EPSS

0.023

Percentile

89.7%

JSON

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Affected configurations

Nvd

Node

oraclejdkMatch1.6.0update101

oraclejdkMatch1.7.0update85

oraclejdkMatch1.8.0update51

oraclejdkMatch1.8.0update60

oraclejreMatch1.6.0update_101

oraclejreMatch1.7.0update_85

oraclejreMatch1.8.0update_51

oraclejreMatch1.8.0update_60

VendorProductVersionCPE
oraclejdk1.6.0cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*
oraclejdk1.7.0cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*
oraclejre1.6.0cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*
oraclejre1.7.0cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	jdk	1.6.0	cpe:2.3:a:oracle:jdk:1.6.0:update101::::::
oracle	jdk	1.7.0	cpe:2.3:a:oracle:jdk:1.7.0:update85::::::
oracle	jdk	1.8.0	cpe:2.3:a:oracle:jdk:1.8.0:update51::::::
oracle	jdk	1.8.0	cpe:2.3:a:oracle:jdk:1.8.0:update60::::::
oracle	jre	1.6.0	cpe:2.3:a:oracle:jre:1.6.0:update_101::::::
oracle	jre	1.7.0	cpe:2.3:a:oracle:jre:1.7.0:update_85::::::
oracle	jre	1.8.0	cpe:2.3:a:oracle:jre:1.8.0:update_51::::::
oracle	jre	1.8.0	cpe:2.3:a:oracle:jre:1.8.0:update_60::::::

References

lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html

lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html

lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

rhn.redhat.com/errata/RHSA-2015-1919.html

rhn.redhat.com/errata/RHSA-2015-1920.html

rhn.redhat.com/errata/RHSA-2015-1921.html

rhn.redhat.com/errata/RHSA-2015-1926.html

rhn.redhat.com/errata/RHSA-2015-1927.html

rhn.redhat.com/errata/RHSA-2015-1928.html

rhn.redhat.com/errata/RHSA-2015-2506.html

rhn.redhat.com/errata/RHSA-2015-2507.html

rhn.redhat.com/errata/RHSA-2015-2508.html

rhn.redhat.com/errata/RHSA-2015-2509.html

rhn.redhat.com/errata/RHSA-2015-2518.html

www.debian.org/security/2015/dsa-3381

www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

www.securityfocus.com/bid/77164

www.securitytracker.com/id/1033884

www.ubuntu.com/usn/USN-2784-1

www.ubuntu.com/usn/USN-2827-1

access.redhat.com/errata/RHSA-2016:1430

security.gentoo.org/glsa/201603-11

security.gentoo.org/glsa/201603-14

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.1

Confidence

Low

EPSS

0.023

Percentile

89.7%

JSON

Related for NVD:CVE-2015-4844

openvas47 ubuntucve2 prion1 debiancve1 cve1 mageia2 cvelist1 nessus56 osv2 debian6 ubuntu3 cloudfoundry1 ibm13 redhat12 photon1 amazon3 veracode19 centos4 oraclelinux4 suse9 archlinux6 aix1 freebsd1 f52 kaspersky1