- Description
- Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA, a different vulnerability than CVE-2015-4835.
- Source
- secalert_us@oracle.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
- Comment
- Per <a href="http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html">LINK</a>: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets.
- Impact
- -
- Solution
- -
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3CB2A0A4-F70C-4161-9504-781E49925180"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8D5A88F0-6F37-402F-8153-92B4D4083313"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5D9CEF0-6DE9-4886-91B9-3AEDD6E5A24E"
},
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5AB1B679-623A-4ADE-B235-A35EFCA0CC9F"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9907A48A-6F6A-47C9-86AD-0834E1CB30E7"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "63A5916F-9EDC-48E3-A3D3-9BF98CD5BC63"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B7E7C40-2A96-45AC-BBB6-1E6C07A466A3"
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "15C71821-E1E2-4083-92FF-C0FE10443556"
}
],
"operator": "OR"
}
]
}
]