ID CVE-2015-0400
Summary Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries. As per Oracle: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
References
Vulnerable Configurations
  • cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
    cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
    cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.6.0:update_85:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_85:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_85:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_85:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update_72:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update_72:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update_25:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update_25:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 08-09-2020 - 13:00)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
bid 72159
confirm
gentoo
  • GLSA-201507-14
  • GLSA-201603-14
hp
  • HPSBUX03273
  • HPSBUX03281
  • SSRT101951
  • SSRT101968
sectrack 1031580
suse
  • SUSE-SU-2015:0336
  • SUSE-SU-2015:0503
  • openSUSE-SU-2015:0190
ubuntu
  • USN-2486-1
  • USN-2487-1
xf oracle-cpujan2015-cve20150400(100149)
Last major update 08-09-2020 - 13:00
Published 21-01-2015 - 18:59
Last modified 08-09-2020 - 13:00
Back to Top