CVE-2015-0407

Опубликовано: 21 янв. 2015

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing.

Комментарий

As per Oracle:

Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:oracle:jdk:1.5.0:update75:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.6.0:update85:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.5.0:update75:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update85:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update72:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:*

EPSS

Процентиль: 81%

0.01626

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2015-0407

ubuntu

больше 10 лет назад

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing.

CVE-2015-0407

redhat

больше 10 лет назад

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing.

CVE-2015-0407

debian

больше 10 лет назад

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u ...

GHSA-gr6w-54mw-4jfq

github

больше 3 лет назад

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing.

ELSA-2015-0085

oracle-oval

больше 10 лет назад

ELSA-2015-0085: java-1.6.0-openjdk security update (IMPORTANT)

EPSS

Процентиль: 81%

0.01626

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo