UbuntuUSN-2486-1OpenJDK 6 vulnerabilities
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
100.0%
Releases
- Ubuntu 12.04
- Ubuntu 10.04
Packages
- openjdk-6 - Open Source Java implementation
Details
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure, data integrity and availability. An attacker could
exploit these to cause a denial of service or expose sensitive data over
the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395,
CVE-2015-0408, CVE-2015-0412)
Several vulnerabilities were discovered in the OpenJDK JRE related to
information disclosure. An attacker could exploit these to expose sensitive
data over the network. (CVE-2014-6585, CVE-2014-6591, CVE-2015-0400,
CVE-2015-0407)
A vulnerability was discovered in the OpenJDK JRE related to
information disclosure and integrity. An attacker could exploit this to
expose sensitive data over the network. (CVE-2014-6593)
A vulnerability was discovered in the OpenJDK JRE related to integrity and
availability. An attacker could exploit this to cause a denial of service.
(CVE-2015-0383)
A vulnerability was discovered in the OpenJDK JRE related to availability.
An attacker could this exploit to cause a denial of service.
(CVE-2015-0410)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 12.04 | noarch | icedtea-6-jre-cacao | < 6b34-1.13.6-1ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | icedtea-6-jre-jamvm | < 6b34-1.13.6-1ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | openjdk-6-dbg | < 6b34-1.13.6-1ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | openjdk-6-demo | < 6b34-1.13.6-1ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | openjdk-6-jdk | < 6b34-1.13.6-1ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | openjdk-6-jre | < 6b34-1.13.6-1ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | openjdk-6-jre-headless | < 6b34-1.13.6-1ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | openjdk-6-jre-zero | < 6b34-1.13.6-1ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 12.04 | noarch | openjdk-6-jre-lib | < 6b34-1.13.6-1ubuntu0.12.04.1 | UNKNOWN |
| Ubuntu | 10.04 | noarch | openjdk-6-jre-headless | < 6b34-1.13.6-1ubuntu0.10.04.1 | UNKNOWN |
References
ubuntu.com/security/CVE-2014-3566
ubuntu.com/security/CVE-2014-6585
ubuntu.com/security/CVE-2014-6587
ubuntu.com/security/CVE-2014-6591
ubuntu.com/security/CVE-2014-6593
ubuntu.com/security/CVE-2014-6601
ubuntu.com/security/CVE-2015-0383
ubuntu.com/security/CVE-2015-0395
ubuntu.com/security/CVE-2015-0400
ubuntu.com/security/CVE-2015-0407
ubuntu.com/security/CVE-2015-0408
ubuntu.com/security/CVE-2015-0410
ubuntu.com/security/CVE-2015-0412
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
100.0%