CVE-2015-0383

Published Jan 21, 2015

Last updated 3 months ago

CVSS info 5.4

Overview

Description: Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.
Source: secalert_us@oracle.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 5.4
Impact score: 7.8
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:N/I:P/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-noinfo

Hype score: Not currently trending

Evaluator

Comment: Per: http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5D37DF0F-F863-45AC-853A-3E04F9FEC7CA"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"
          },
          {
            "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "56BDB5A0-0839-4A20-A003-B8CD56F48171"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38"
          },
          {
            "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A46AFB60-4775-48A9-81FA-5A54CEDA7625"
          },
          {
            "criteria": "cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C384D0B6-8A5C-45CA-8CD9-7F4E967FE4F0"
          },
          {
            "criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AA9B3CC0-DF1C-4A86-B2A3-A9D428A5A6E6"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.5.0:update75:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8C137033-B58D-47A1-B10E-97E161B9DBB9"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update85:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B47EBED9-2DA8-4282-91B8-4F5BE586078B"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update71:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EB2429BA-65AE-4EC5-B6BC-3767651BEC35"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D95925E1-5761-4CDD-80A0-52939ABF52F8"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E87241E0-A296-4CAA-980A-FC572DAEB9F5"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "49A6100C-86B5-4180-8807-06FB211443AD"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.5.0:update75:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8B25BDB2-90A1-40EA-B1EE-CF1B731CE919"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update85:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A9FE9C93-6AE9-49E7-B908-DF85B21F7247"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update71:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36E6A798-78A6-498E-9668-D5D427890E37"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update72:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E40DC6EF-6153-403A-BAA0-4425385F92DA"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A9B64C6-749E-4E98-9ACA-B715A13EA390"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FC4DE6A8-EFB0-480E-863E-BF49823321EE"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:jrockit:r27.8.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2A02772D-DB3D-444B-AA9B-9367BE6FD677"
          },
          {
            "criteria": "cpe:2.3:a:oracle:jrockit:r28.3.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "39F11BE8-91C7-40ED-841E-6803E053F65D"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References