Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-0395

Опубликовано: 20 янв. 2015
Источник: redhat
CVSS2: 6.8
EPSS Средний

Описание

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

A flaw was found in the way the Hotspot garbage collector handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5java-1.7.0-ibmNot affected
Red Hat Enterprise Linux 6java-1.7.1-ibmNot affected
Red Hat Enterprise Linux 7java-1.7.1-ibmNot affected
Red Hat Enterprise Linux 7java-1.8.0-openjdkNot affected
Red Hat Enterprise Linux 7java-1.8.0-oracleNot affected
Oracle Java for Red Hat Enterprise Linux 5java-1.7.0-oracleFixedRHSA-2015:007922.01.2015
Oracle Java for Red Hat Enterprise Linux 5java-1.6.0-sunFixedRHSA-2015:008626.01.2015
Oracle Java for Red Hat Enterprise Linux 6java-1.7.0-oracleFixedRHSA-2015:007922.01.2015
Oracle Java for Red Hat Enterprise Linux 6java-1.8.0-oracleFixedRHSA-2015:008022.01.2015
Oracle Java for Red Hat Enterprise Linux 6java-1.6.0-sunFixedRHSA-2015:008626.01.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
https://bugzilla.redhat.com/show_bug.cgi?id=1183031OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125)

EPSS

Процентиль: 96%
0.24877
Средний

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-0395

ubuntu
больше 10 лет назад

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

nvd логотип

CVE-2015-0395

nvd
больше 10 лет назад

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

debian логотип

CVE-2015-0395

debian
больше 10 лет назад

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u ...

github логотип

GHSA-7w4x-vjmm-65hg

github
больше 3 лет назад

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

oracle-oval логотип

ELSA-2015-0085

oracle-oval
больше 10 лет назад

ELSA-2015-0085: java-1.6.0-openjdk security update (IMPORTANT)

EPSS

Процентиль: 96%
0.24877
Средний

6.8 Medium

CVSS2