Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-0412

Опубликовано: 20 янв. 2015
Источник: redhat
CVSS2: 6.8

Описание

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

An improper permission check issue was discovered in the JAX-WS component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 7java-1.8.0-openjdkNot affected
Red Hat Enterprise Linux 7java-1.8.0-oracleNot affected
Oracle Java for Red Hat Enterprise Linux 5java-1.7.0-oracleFixedRHSA-2015:007922.01.2015
Oracle Java for Red Hat Enterprise Linux 5java-1.6.0-sunFixedRHSA-2015:008626.01.2015
Oracle Java for Red Hat Enterprise Linux 6java-1.7.0-oracleFixedRHSA-2015:007922.01.2015
Oracle Java for Red Hat Enterprise Linux 6java-1.8.0-oracleFixedRHSA-2015:008022.01.2015
Oracle Java for Red Hat Enterprise Linux 6java-1.6.0-sunFixedRHSA-2015:008626.01.2015
Oracle Java for Red Hat Enterprise Linux 7java-1.7.0-oracleFixedRHSA-2015:007922.01.2015
Oracle Java for Red Hat Enterprise Linux 7java-1.6.0-sunFixedRHSA-2015:008626.01.2015
Red Hat Enterprise Linux 5java-1.7.0-openjdkFixedRHSA-2015:006820.01.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
https://bugzilla.redhat.com/show_bug.cgi?id=1183021OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-0412

ubuntu
почти 11 лет назад

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

nvd логотип

CVE-2015-0412

nvd
почти 11 лет назад

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

debian логотип

CVE-2015-0412

debian
почти 11 лет назад

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allow ...

github логотип

GHSA-5rmc-hxjg-x3qp

github
больше 3 лет назад

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

oracle-oval логотип

ELSA-2015-0085

oracle-oval
почти 11 лет назад

ELSA-2015-0085: java-1.6.0-openjdk security update (IMPORTANT)

6.8 Medium

CVSS2