5

CVE-2015-1914

IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vectors related to the Java Virtual Machine.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmJava Version >= 5.0.0.0 < 5.0.16.10
IbmJava Version >= 6.0.0.0 < 6.0.16.4
IbmJava Version >= 6.1.0.0 < 6.1.8.4
IbmJava Version >= 7.0.0.0 < 7.0.9.0
IbmJava Version >= 7.1.0.0 < 7.1.3.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 4.55% 0.904
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://rhn.redhat.com/errata/RHSA-2015-1006.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1007.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1020.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1021.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1091.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
Third Party Advisory
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
Third Party Advisory
Mailing List
http://www-01.ibm.com/support/docview.wss?uid=swg21883640
Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html
Third Party Advisory
Mailing List
http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246
Vendor Advisory
http://www.securityfocus.com/bid/74645
Third Party Advisory
VDB Entry