CVE-2015-4902

Warnung

EPSS 9.38%
Veröffentlicht 22.10.2015 00:00:03
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secalert_us@oracle.com
Teams Watchlist Login
Unerledigt Login

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.

Betroffene Produkte Warnungen 1 Metriken 3 CWE 1 Referenzen 25

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oracle ≫ Jdk Version1.6.0 Updateupdate101

Oracle ≫ Jdk Version1.7.0 Updateupdate85

Oracle ≫ Jdk Version1.8.0 Updateupdate60

Oracle ≫ Jre Version1.6.0 Updateupdate101

Oracle ≫ Jre Version1.7.0 Updateupdate85

Oracle ≫ Jre Version1.8.0 Updateupdate60

Redhat ≫ Satellite Version5.6

Redhat ≫ Satellite Version5.7

Redhat ≫ Enterprise Linux Desktop Version5.0

Redhat ≫ Enterprise Linux Desktop Version6.0

Redhat ≫ Enterprise Linux Desktop Version7.0

Redhat ≫ Enterprise Linux Eus Version6.7

Redhat ≫ Enterprise Linux Eus Version7.2

Redhat ≫ Enterprise Linux Eus Version7.3

Redhat ≫ Enterprise Linux Eus Version7.4

Redhat ≫ Enterprise Linux Eus Version7.5

Redhat ≫ Enterprise Linux Eus Compute Node Version7.2

Redhat ≫ Enterprise Linux Eus Compute Node Version7.3

Redhat ≫ Enterprise Linux For Ibm Z Systems Version5.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version6.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Version7.0_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version6.7_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version7.2_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version7.3_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version7.4_s390x

Redhat ≫ Enterprise Linux For Ibm Z Systems Eus Version7.5_s390x

Redhat ≫ Enterprise Linux For Power Big Endian Version5.0_ppc

Redhat ≫ Enterprise Linux For Power Big Endian Version6.0_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Version7.0_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version6.7_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.2_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.3_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.4_ppc64

Redhat ≫ Enterprise Linux For Power Big Endian Eus Version7.5_ppc64

Redhat ≫ Enterprise Linux For Power Little Endian Version7.0_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version7.2_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version7.3_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version7.4_ppc64le

Redhat ≫ Enterprise Linux For Power Little Endian Eus Version7.5_ppc64le

Redhat ≫ Enterprise Linux For Scientific Computing Version6.0

Redhat ≫ Enterprise Linux For Scientific Computing Version7.0

Redhat ≫ Enterprise Linux Server Version5.0

Redhat ≫ Enterprise Linux Server Version6.0

Redhat ≫ Enterprise Linux Server Version7.0

Redhat ≫ Enterprise Linux Server From Rhui Version5.0

Redhat ≫ Enterprise Linux Server From Rhui Version6.0

Redhat ≫ Enterprise Linux Server From Rhui Version7.0

Redhat ≫ Enterprise Linux Workstation Version5.0

Redhat ≫ Enterprise Linux Workstation Version6.0

Redhat ≫ Enterprise Linux Workstation Version7.0

Suse ≫ Linux Enterprise Module For Legacy Version12

Opensuse ≫ Leap Version42.1

Opensuse ≫ Opensuse Version13.2

Suse ≫ Linux Enterprise Server Version10 Updatesp4 SwEditionltss

Suse ≫ Linux Enterprise Server Version11 Updatesp2 SwEditionltss

Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatform-

Suse ≫ Linux Enterprise Server Version11 Updatesp3 SwPlatformvmware

Suse ≫ Linux Enterprise Server Version11 Updatesp4

Suse ≫ Linux Enterprise Server Version12 Update-

Suse ≫ Linux Enterprise Server Version12 Updatesp1

Suse ≫ Linux Enterprise Software Development Kit Version11 Updatesp3

Suse ≫ Linux Enterprise Software Development Kit Version11 Updatesp4

Suse ≫ Linux Enterprise Software Development Kit Version12 Update-

Suse ≫ Linux Enterprise Software Development Kit Version12 Updatesp1

03.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Oracle Java SE Integrity Check Vulnerability

Schwachstelle

Unspecified vulnerability in Oracle Java SE allows remote attackers to affect integrity via Unknown vectors related to deployment.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	9.38%	0.925

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

Patch

Vendor Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

Third Party Advisory

https://security.gentoo.org/glsa/201603-11

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1926.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1927.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-1928.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2506.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2507.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2508.html

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2509.html

Third Party Advisory

http://www.securitytracker.com/id/1033884

Third Party Advisory

Broken Link

VDB Entry

https://access.redhat.com/errata/RHSA-2016:1430

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-2518.html

Third Party Advisory

http://www.securityfocus.com/bid/77241

Third Party Advisory

Broken Link

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2015-4902

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-4902

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-4902

EUVD