PT-2015-2476 · Oracle+5 · Java Se Embedded+7
Publicado
2015-10-21
·
Atualizado
2024-06-15
·
CVE-2015-4903
CVSS v2.0
5.0
Média
| Vetor | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle Java SE versions 6u101 through 8u60
Java SE Embedded version 8u51
Description
The issue allows remote attackers to affect confidentiality through vectors related to RMI. It is related to errors in the code of the Java Platform, which can be exploited by a remote attacker to gain read access to protected information using a Java Web Start application or a Java applet.
Recommendations
For Oracle Java SE versions 6u101 through 8u60, update to a version that contains a fix for this issue.
For Java SE Embedded version 8u51, update to a version that contains a fix for this issue.
As a temporary workaround, consider restricting access to RMI-related components until a patch is available.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Centos
Ibm Aix
Java Platform
Java Se
Java Se Embedded
Red Hat
Suse
Ubuntu