ID CVE-2015-4734
Summary Per <a href="http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html">LINK</a>: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.6.0:update_101:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.6.0:update_101:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.7.0:update_85:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.7.0:update_85:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.8.0:update_51:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update_51:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jdk:1.8.0:update_60:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8.0:update_60:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 24-12-2016 - 02:59)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
non_vulnerable_configuration via4
    redhat via4
    advisories
    • rhsa
      id RHSA-2015:1919
    • rhsa
      id RHSA-2015:1920
    • rhsa
      id RHSA-2015:1921
    • rhsa
      id RHSA-2015:1926
    • rhsa
      id RHSA-2015:1927
    • rhsa
      id RHSA-2015:1928
    • rhsa
      id RHSA-2015:2506
    • rhsa
      id RHSA-2015:2507
    • rhsa
      id RHSA-2015:2508
    • rhsa
      id RHSA-2015:2509
    • rhsa
      id RHSA-2016:1430
    rpms
    • java-1.8.0-openjdk-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-debug-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-demo-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-demo-debug-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-devel-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-devel-debug-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-headless-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-headless-debug-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-javadoc-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-javadoc-debug-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-src-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-src-debug-1:1.8.0.65-0.b17.el6_7
    • java-1.8.0-openjdk-1:1.8.0.65-2.b17.el7_1
    • java-1.8.0-openjdk-accessibility-1:1.8.0.65-2.b17.el7_1
    • java-1.8.0-openjdk-demo-1:1.8.0.65-2.b17.el7_1
    • java-1.8.0-openjdk-devel-1:1.8.0.65-2.b17.el7_1
    • java-1.8.0-openjdk-headless-1:1.8.0.65-2.b17.el7_1
    • java-1.8.0-openjdk-javadoc-1:1.8.0.65-2.b17.el7_1
    • java-1.8.0-openjdk-src-1:1.8.0.65-2.b17.el7_1
    • java-1.7.0-openjdk-1:1.7.0.91-2.6.2.2.el6_7
    • java-1.7.0-openjdk-demo-1:1.7.0.91-2.6.2.2.el6_7
    • java-1.7.0-openjdk-devel-1:1.7.0.91-2.6.2.2.el6_7
    • java-1.7.0-openjdk-javadoc-1:1.7.0.91-2.6.2.2.el6_7
    • java-1.7.0-openjdk-src-1:1.7.0.91-2.6.2.2.el6_7
    • java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el7_1
    • java-1.7.0-openjdk-accessibility-1:1.7.0.91-2.6.2.1.el7_1
    • java-1.7.0-openjdk-demo-1:1.7.0.91-2.6.2.1.el7_1
    • java-1.7.0-openjdk-devel-1:1.7.0.91-2.6.2.1.el7_1
    • java-1.7.0-openjdk-headless-1:1.7.0.91-2.6.2.1.el7_1
    • java-1.7.0-openjdk-javadoc-1:1.7.0.91-2.6.2.1.el7_1
    • java-1.7.0-openjdk-src-1:1.7.0.91-2.6.2.1.el7_1
    • java-1.7.0-openjdk-1:1.7.0.91-2.6.2.1.el5_11
    • java-1.7.0-openjdk-demo-1:1.7.0.91-2.6.2.1.el5_11
    • java-1.7.0-openjdk-devel-1:1.7.0.91-2.6.2.1.el5_11
    • java-1.7.0-openjdk-javadoc-1:1.7.0.91-2.6.2.1.el5_11
    • java-1.7.0-openjdk-src-1:1.7.0.91-2.6.2.1.el5_11
    • java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el5_11
    • java-1.6.0-openjdk-demo-1:1.6.0.37-1.13.9.4.el5_11
    • java-1.6.0-openjdk-devel-1:1.6.0.37-1.13.9.4.el5_11
    • java-1.6.0-openjdk-javadoc-1:1.6.0.37-1.13.9.4.el5_11
    • java-1.6.0-openjdk-src-1:1.6.0.37-1.13.9.4.el5_11
    • java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el6_7
    • java-1.6.0-openjdk-demo-1:1.6.0.37-1.13.9.4.el6_7
    • java-1.6.0-openjdk-devel-1:1.6.0.37-1.13.9.4.el6_7
    • java-1.6.0-openjdk-javadoc-1:1.6.0.37-1.13.9.4.el6_7
    • java-1.6.0-openjdk-src-1:1.6.0.37-1.13.9.4.el6_7
    • java-1.6.0-openjdk-1:1.6.0.37-1.13.9.4.el7_1
    • java-1.6.0-openjdk-demo-1:1.6.0.37-1.13.9.4.el7_1
    • java-1.6.0-openjdk-devel-1:1.6.0.37-1.13.9.4.el7_1
    • java-1.6.0-openjdk-javadoc-1:1.6.0.37-1.13.9.4.el7_1
    • java-1.6.0-openjdk-src-1:1.6.0.37-1.13.9.4.el7_1
    refmap via4
    bid 77192
    confirm
    debian DSA-3381
    gentoo
    • GLSA-201603-11
    • GLSA-201603-14
    sectrack 1033884
    suse
    • SUSE-SU-2015:1874
    • SUSE-SU-2015:1875
    • SUSE-SU-2015:2166
    • SUSE-SU-2015:2168
    • SUSE-SU-2015:2182
    • SUSE-SU-2015:2192
    • SUSE-SU-2015:2216
    • SUSE-SU-2015:2268
    • SUSE-SU-2016:0113
    • openSUSE-SU-2015:1902
    • openSUSE-SU-2015:1905
    • openSUSE-SU-2015:1906
    • openSUSE-SU-2015:1971
    • openSUSE-SU-2016:0270
    ubuntu
    • USN-2784-1
    • USN-2827-1
    vulnerable_product via4
    • cpe:2.3:a:oracle:jdk:1.6.0:update_101:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.7.0:update_85:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.8.0:update_51:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jdk:1.8.0:update_60:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*
    • cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*
    Last major update 24-12-2016 - 02:59
    Published 21-10-2015 - 21:59
    Back to Top