PT-2015-2493 · Oracle+4 · Java Se Embedded+6

Publicado

2015-10-21

·

Atualizado

2024-06-15

·

CVE-2015-4881

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 6u101, 7u85, and 8u60 Oracle Java SE Embedded version 8u51
Description The issue is related to errors in the CORBA subcomponent code of the Java Platform. It may allow a remote attacker to execute arbitrary code using a Java Web Start application or a Java applet. The vulnerability can affect confidentiality, integrity, and availability via vectors related to CORBA.
Recommendations For Oracle Java SE versions 6u101, 7u85, and 8u60, update to a version that includes the fix for this issue. For Oracle Java SE Embedded version 8u51, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting the use of Java Web Start applications and Java applets until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-17

Identificadores relacionados

BDU:2015-11858
CESA-2015_1919
CESA-2015_1920
CESA-2015_2086
CVE-2015-4881
DLA-346-1
DSA-3381-1
DSA-3381-2
DSA-3465-1
MGASA-2015-0412
OPENSUSE-SU-2015_1902-1
OPENSUSE-SU-2015_1905-1
OPENSUSE-SU-2015_1906-1
OPENSUSE-SU-2015_1971-1
OPENSUSE-SU-2016_0270-1
OPENSUSE-SU-2024:10197-1
OPENSUSE-SU-2024:10534-1
RHSA-2015:1919
RHSA-2015:1920
RHSA-2015:1921
RHSA-2015:1926
RHSA-2015:1927
RHSA-2015:1928
RHSA-2015:2086
RHSA-2015_1919
RHSA-2015_1920
RHSA-2015_1921
RHSA-2015_1926
RHSA-2015_1927
RHSA-2015_1928
RHSA-2015_2086
SUSE-SU-2015:1874-1
SUSE-SU-2015:1874-2
SUSE-SU-2015:1875-1
SUSE-SU-2015:1875-2
USN-2784-1
USN-2827-1

Produtos afetados

Centos
Java Platform
Java Se
Java Se Embedded
Red Hat
Suse
Ubuntu