ID CVE-2015-4734
Summary Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. Per <a href="http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html">LINK</a>: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.6.0:update_101:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_101:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update_85:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update_85:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.8.0:update_51:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update_51:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.8.0:update_60:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update_60:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 24-12-2016 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
redhat via4
advisories
  • rhsa
    id RHSA-2015:1919
  • rhsa
    id RHSA-2015:1920
  • rhsa
    id RHSA-2015:1921
  • rhsa
    id RHSA-2015:1926
  • rhsa
    id RHSA-2015:1927
  • rhsa
    id RHSA-2015:1928
  • rhsa
    id RHSA-2015:2506
  • rhsa
    id RHSA-2015:2507
  • rhsa
    id RHSA-2015:2508
  • rhsa
    id RHSA-2015:2509
  • rhsa
    id RHSA-2016:1430
rpms
  • java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-debug-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-demo-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-demo-debug-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-devel-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-devel-debug-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-headless-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-headless-debug-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-javadoc-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-javadoc-debug-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-src-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-src-debug-1:1.8.0.65-0.b17.el6_7
  • java-1.8.0-openjdk-1:1.8.0.65-2.b17.el7_1
  • java-1.8.0-openjdk-accessibility-1:1.8.0.65-2.b17.el7_1
  • java-1.8.0-openjdk-demo-1:1.8.0.65-2.b17.el7_1
  • java-1.8.0-openjdk-devel-1:1.8.0.65-2.b17.el7_1
  • java-1.8.0-openjdk-headless-1:1.8.0.65-2.b17.el7_1
  • java-1.8.0-openjdk-javadoc-1:1.8.0.65-2.b17.el7_1
  • java-1.8.0-openjdk-src-1:1.8.0.65-2.b17.el7_1
  • java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7
  • java-1.7.0-openjdk-demo-1:1.7.0.91-2.6.2.2.el6_7
  • java-1.7.0-openjdk-devel-1:1.7.0.91-2.6.2.2.el6_7
  • java-1.7.0-openjdk-javadoc-1:1.7.0.91-2.6.2.2.el6_7
  • java-1.7.0-openjdk-src-1:1.7.0.91-2.6.2.2.el6_7
  • java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1
  • java-1.7.0-openjdk-accessibility-1:1.7.0.91-2.6.2.1.el7_1
  • java-1.7.0-openjdk-demo-1:1.7.0.91-2.6.2.1.el7_1
  • java-1.7.0-openjdk-devel-1:1.7.0.91-2.6.2.1.el7_1
  • java-1.7.0-openjdk-headless-1:1.7.0.91-2.6.2.1.el7_1
  • java-1.7.0-openjdk-javadoc-1:1.7.0.91-2.6.2.1.el7_1
  • java-1.7.0-openjdk-src-1:1.7.0.91-2.6.2.1.el7_1
  • java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11
  • java-1.7.0-openjdk-demo-1:1.7.0.91-2.6.2.1.el5_11
  • java-1.7.0-openjdk-devel-1:1.7.0.91-2.6.2.1.el5_11
  • java-1.7.0-openjdk-javadoc-1:1.7.0.91-2.6.2.1.el5_11
  • java-1.7.0-openjdk-src-1:1.7.0.91-2.6.2.1.el5_11
  • java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11
  • java-1.6.0-openjdk-demo-1:1.6.0.37-1.13.9.4.el5_11
  • java-1.6.0-openjdk-devel-1:1.6.0.37-1.13.9.4.el5_11
  • java-1.6.0-openjdk-javadoc-1:1.6.0.37-1.13.9.4.el5_11
  • java-1.6.0-openjdk-src-1:1.6.0.37-1.13.9.4.el5_11
  • java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7
  • java-1.6.0-openjdk-demo-1:1.6.0.37-1.13.9.4.el6_7
  • java-1.6.0-openjdk-devel-1:1.6.0.37-1.13.9.4.el6_7
  • java-1.6.0-openjdk-javadoc-1:1.6.0.37-1.13.9.4.el6_7
  • java-1.6.0-openjdk-src-1:1.6.0.37-1.13.9.4.el6_7
  • java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1
  • java-1.6.0-openjdk-demo-1:1.6.0.37-1.13.9.4.el7_1
  • java-1.6.0-openjdk-devel-1:1.6.0.37-1.13.9.4.el7_1
  • java-1.6.0-openjdk-javadoc-1:1.6.0.37-1.13.9.4.el7_1
  • java-1.6.0-openjdk-src-1:1.6.0.37-1.13.9.4.el7_1
refmap via4
bid 77192
confirm
debian DSA-3381
gentoo
  • GLSA-201603-11
  • GLSA-201603-14
sectrack 1033884
suse
  • SUSE-SU-2015:1874
  • SUSE-SU-2015:1875
  • SUSE-SU-2015:2166
  • SUSE-SU-2015:2168
  • SUSE-SU-2015:2182
  • SUSE-SU-2015:2192
  • SUSE-SU-2015:2216
  • SUSE-SU-2015:2268
  • SUSE-SU-2016:0113
  • openSUSE-SU-2015:1902
  • openSUSE-SU-2015:1905
  • openSUSE-SU-2015:1906
  • openSUSE-SU-2015:1971
  • openSUSE-SU-2016:0270
ubuntu
  • USN-2784-1
  • USN-2827-1
Last major update 24-12-2016 - 02:59
Published 21-10-2015 - 21:59
Back to Top