CVE-2015-1914
Published Jul 2, 2015
Last updated 5 years ago
Overview
- Description
- IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vectors related to the Java Virtual Machine.
- Source
- psirt@us.ibm.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-200
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D291505-B2CB-48F6-B4B9-8343DB71B4A2",
"versionEndExcluding": "5.0.16.10",
"versionStartIncluding": "5.0.0.0"
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "34A916D0-0419-47B4-91D7-3E1E74233DEC",
"versionEndExcluding": "6.0.16.4",
"versionStartIncluding": "6.0.0.0"
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FE2C442C-B649-4BEE-A228-467597CCA5F7",
"versionEndExcluding": "6.1.8.4",
"versionStartIncluding": "6.1.0.0"
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A22DE1A-87C0-42EE-85ED-368F168D4DAF",
"versionEndExcluding": "7.0.9.0",
"versionStartIncluding": "7.0.0.0"
},
{
"criteria": "cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A058B1EB-3B24-430C-A278-7ABF45262756",
"versionEndExcluding": "7.1.3.0",
"versionStartIncluding": "7.1.0.0"
}
],
"operator": "OR"
}
]
}
]