ID CVE-2015-0477
Summary Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans. Per Oracle: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. (http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html)
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.5.0:update_81:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.5.0:update_81:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_91:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_91:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update_76:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update_76:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.8.0:update_40:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update_40:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.5.0:update_81:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.5.0:update_81:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_91:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_91:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update_76:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update_76:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update_40:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update_40:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 04-11-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
redhat via4
advisories
  • rhsa
    id RHSA-2015:0806
  • rhsa
    id RHSA-2015:0807
  • rhsa
    id RHSA-2015:0808
  • rhsa
    id RHSA-2015:0809
  • rhsa
    id RHSA-2015:0854
  • rhsa
    id RHSA-2015:0857
  • rhsa
    id RHSA-2015:0858
  • rhsa
    id RHSA-2015:1006
  • rhsa
    id RHSA-2015:1007
  • rhsa
    id RHSA-2015:1020
  • rhsa
    id RHSA-2015:1021
  • rhsa
    id RHSA-2015:1091
rpms
  • java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.1.el6_6
  • java-1.7.0-openjdk-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-accessibility-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-headless-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.1.el7_1
  • java-1.7.0-openjdk-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.7.0-openjdk-demo-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.7.0-openjdk-devel-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.7.0-openjdk-javadoc-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.7.0-openjdk-src-1:1.7.0.79-2.5.5.2.el5_11
  • java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-demo-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-devel-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-javadoc-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-src-1:1.6.0.35-1.13.7.1.el5_11
  • java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-demo-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-devel-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-javadoc-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-src-1:1.6.0.35-1.13.7.1.el6_6
  • java-1.6.0-openjdk-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.6.0-openjdk-demo-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.6.0-openjdk-devel-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.6.0-openjdk-javadoc-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.6.0-openjdk-src-1:1.6.0.35-1.13.7.1.el7_1
  • java-1.8.0-openjdk-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-demo-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-devel-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-headless-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-javadoc-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-src-1:1.8.0.45-28.b13.el6_6
  • java-1.8.0-openjdk-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-accessibility-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-demo-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-devel-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-headless-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-javadoc-1:1.8.0.45-30.b13.el7_1
  • java-1.8.0-openjdk-src-1:1.8.0.45-30.b13.el7_1
refmap via4
bid 74119
confirm
debian
  • DSA-3234
  • DSA-3235
  • DSA-3316
gentoo GLSA-201603-11
mandriva MDVSA-2015:212
sectrack 1032120
suse
  • SUSE-SU-2015:0833
  • SUSE-SU-2015:1085
  • SUSE-SU-2015:1086
  • SUSE-SU-2015:1138
  • SUSE-SU-2015:1161
  • SUSE-SU-2015:2166
  • SUSE-SU-2015:2168
  • SUSE-SU-2015:2182
  • SUSE-SU-2015:2192
  • SUSE-SU-2015:2216
  • SUSE-SU-2016:0113
  • openSUSE-SU-2015:0773
  • openSUSE-SU-2015:0774
ubuntu
  • USN-2573-1
  • USN-2574-1
Last major update 04-11-2017 - 01:29
Published 16-04-2015 - 16:59
Back to Top