| ID |
CVE-2015-0437
|
| Summary |
Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*
-
cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:*
-
cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*
|
| CVSS |
| Base: | 9.3 (as of 13-05-2022 - 14:57) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-noinfo |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| COMPLETE |
COMPLETE |
COMPLETE |
|
| cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
| redhat
via4
|
| advisories | | bugzilla | | id | 1183715 | | title | CVE-2014-6587 OpenJDK: MulticastSocket NULL pointer dereference (Libraries, 8056264) |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 6 is installed | | oval | oval:com.redhat.rhba:tst:20111656003 |
| OR | | AND | | comment | java-1.8.0-openjdk is earlier than 1:1.8.0.31-1.b13.el6_6 | | oval | oval:com.redhat.rhsa:tst:20150069001 |
| comment | java-1.8.0-openjdk is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20141636002 |
|
| AND | | comment | java-1.8.0-openjdk-demo is earlier than 1:1.8.0.31-1.b13.el6_6 | | oval | oval:com.redhat.rhsa:tst:20150069003 |
| comment | java-1.8.0-openjdk-demo is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20141636004 |
|
| AND | | comment | java-1.8.0-openjdk-devel is earlier than 1:1.8.0.31-1.b13.el6_6 | | oval | oval:com.redhat.rhsa:tst:20150069005 |
| comment | java-1.8.0-openjdk-devel is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20141636006 |
|
| AND | | comment | java-1.8.0-openjdk-headless is earlier than 1:1.8.0.31-1.b13.el6_6 | | oval | oval:com.redhat.rhsa:tst:20150069007 |
| comment | java-1.8.0-openjdk-headless is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20141636008 |
|
| AND | | comment | java-1.8.0-openjdk-javadoc is earlier than 1:1.8.0.31-1.b13.el6_6 | | oval | oval:com.redhat.rhsa:tst:20150069009 |
| comment | java-1.8.0-openjdk-javadoc is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20141636010 |
|
| AND | | comment | java-1.8.0-openjdk-src is earlier than 1:1.8.0.31-1.b13.el6_6 | | oval | oval:com.redhat.rhsa:tst:20150069011 |
| comment | java-1.8.0-openjdk-src is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20141636012 |
|
|
|
|
| | rhsa | | id | RHSA-2015:0069 | | released | 2015-01-21 | | severity | Important | | title | RHSA-2015:0069: java-1.8.0-openjdk security update (Important) |
|
| bugzilla | | id | 1184278 | | title | CVE-2015-0413 Oracle JDK: unspecified vulnerability fixed in 7u75 and 8u31 (Serviceability) |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 6 is installed | | oval | oval:com.redhat.rhba:tst:20111656003 |
| OR | | AND | | comment | java-1.8.0-oracle is earlier than 1:1.8.0.31-1jpp.1.el6 | | oval | oval:com.redhat.rhsa:tst:20150080001 |
| comment | java-1.8.0-oracle is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20150080002 |
|
| AND | | comment | java-1.8.0-oracle-devel is earlier than 1:1.8.0.31-1jpp.1.el6 | | oval | oval:com.redhat.rhsa:tst:20150080003 |
| comment | java-1.8.0-oracle-devel is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20150080004 |
|
| AND | | comment | java-1.8.0-oracle-javafx is earlier than 1:1.8.0.31-1jpp.1.el6 | | oval | oval:com.redhat.rhsa:tst:20150080005 |
| comment | java-1.8.0-oracle-javafx is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20150080006 |
|
| AND | | comment | java-1.8.0-oracle-jdbc is earlier than 1:1.8.0.31-1jpp.1.el6 | | oval | oval:com.redhat.rhsa:tst:20150080007 |
| comment | java-1.8.0-oracle-jdbc is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20150080008 |
|
| AND | | comment | java-1.8.0-oracle-plugin is earlier than 1:1.8.0.31-1jpp.1.el6 | | oval | oval:com.redhat.rhsa:tst:20150080009 |
| comment | java-1.8.0-oracle-plugin is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20150080010 |
|
| AND | | comment | java-1.8.0-oracle-src is earlier than 1:1.8.0.31-1jpp.1.el6 | | oval | oval:com.redhat.rhsa:tst:20150080011 |
| comment | java-1.8.0-oracle-src is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20150080012 |
|
|
|
|
| | rhsa | | id | RHSA-2015:0080 | | released | 2015-01-22 | | severity | Critical | | title | RHSA-2015:0080: java-1.8.0-oracle security update (Critical) |
|
| | rpms | - java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6
- java-1.8.0-openjdk-debuginfo-1:1.8.0.31-1.b13.el6_6
- java-1.8.0-openjdk-demo-1:1.8.0.31-1.b13.el6_6
- java-1.8.0-openjdk-devel-1:1.8.0.31-1.b13.el6_6
- java-1.8.0-openjdk-headless-1:1.8.0.31-1.b13.el6_6
- java-1.8.0-openjdk-javadoc-1:1.8.0.31-1.b13.el6_6
- java-1.8.0-openjdk-src-1:1.8.0.31-1.b13.el6_6
- java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6
- java-1.8.0-oracle-devel-1:1.8.0.31-1jpp.1.el6
- java-1.8.0-oracle-javafx-1:1.8.0.31-1jpp.1.el6
- java-1.8.0-oracle-jdbc-1:1.8.0.31-1jpp.1.el6
- java-1.8.0-oracle-plugin-1:1.8.0.31-1jpp.1.el6
- java-1.8.0-oracle-src-1:1.8.0.31-1jpp.1.el6
|
|
| refmap
via4
|
|
| Last major update |
13-05-2022 - 14:57 |
| Published |
21-01-2015 - 19:59 |
| Last modified |
13-05-2022 - 14:57 |
