JDK: unspecified Java sandbox restrictions bypass

🗓️ 13 May 2015 13:33:04Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 3 Views

Unspecified IBM Java sandbox bypass vulnerability enables remote privilege escalation via JVM.

Reporter	Title	Published	Views	Family All 75
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in current releases of the IBM® SDK, Java™ Technology Edition	15 Jun 201807:02	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in RC4 cipher stream and multiple vulnerabilities in IBM SDK Java Technology Edition affects IBM Systems Director	31 Jan 201902:10	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in RC4 cipher stream (CVE-2015-2808) and multiple vulnerabilities in IBM SDK Java Technology Edition affects IBM Systems Director	31 Jan 201902:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java affect IBM Security Network Protection	16 Jun 201821:25	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in RC4 cipher stream (CVE-2015-2808) and multiple vulnerabilities in IBM SDK Java Technology Edition affects IBM Systems Director.	31 Jan 201902:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities, including Freak and Bar Mitzvah, in IBM Java SDK affect IBM i.	18 Dec 201914:26	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK 7 affect IBM Systems Director Storage Control	31 Jan 201902:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 1.5.0 and 1.7.0 affect IBM Flex System Manager (FSM)	18 Jun 201801:29	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK including Logjam affect IBM Fabric Manager (IFM)	30 Jan 201908:20	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Functional Tester	29 Sep 201820:06	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	5	i386	java-1.7.0-ibm	1:1.7.0.9.0-1jpp.1.el5	java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5.i386.rpm
Red Hat Enterprise Linux	5	ppc	java-1.7.0-ibm	1:1.7.0.9.0-1jpp.1.el5	java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5.ppc.rpm
Red Hat Enterprise Linux	5	ppc64	java-1.7.0-ibm	1:1.7.0.9.0-1jpp.1.el5	java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5.ppc64.rpm
Red Hat Enterprise Linux	5	s390	java-1.7.0-ibm	1:1.7.0.9.0-1jpp.1.el5	java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5.s390.rpm
Red Hat Enterprise Linux	5	s390x	java-1.7.0-ibm	1:1.7.0.9.0-1jpp.1.el5	java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5.s390x.rpm
Red Hat Enterprise Linux	5	x86_64	java-1.7.0-ibm	1:1.7.0.9.0-1jpp.1.el5	java-1.7.0-ibm-1:1.7.0.9.0-1jpp.1.el5.x86_64.rpm
Red Hat Enterprise Linux	5	i386	java-1.7.0-ibm-demo	1:1.7.0.9.0-1jpp.1.el5	java-1.7.0-ibm-demo-1:1.7.0.9.0-1jpp.1.el5.i386.rpm
Red Hat Enterprise Linux	5	ppc	java-1.7.0-ibm-demo	1:1.7.0.9.0-1jpp.1.el5	java-1.7.0-ibm-demo-1:1.7.0.9.0-1jpp.1.el5.ppc.rpm
Red Hat Enterprise Linux	5	ppc64	java-1.7.0-ibm-demo	1:1.7.0.9.0-1jpp.1.el5	java-1.7.0-ibm-demo-1:1.7.0.9.0-1jpp.1.el5.ppc64.rpm
Red Hat Enterprise Linux	5	s390	java-1.7.0-ibm-demo	1:1.7.0.9.0-1jpp.1.el5	java-1.7.0-ibm-demo-1:1.7.0.9.0-1jpp.1.el5.s390.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2015-0192
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2015-0192
cve	www.cve.org/CVERecord

13 Jan 2026 21:13Current

5.8Medium risk

Vulners AI Score5.8

CVSS 27.5

EPSS0.02496

ibm java sandbox bypass remote privilege escalation java virtual machine