PT-2015-2502 · Oracle+5 · Oracle Java Se+6

Publicado

2015-10-21

·

Atualizado

2024-06-15

·

CVE-2015-4871

CVSS v2.0

5.8

Média

VetorAV:N/AC:M/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions Oracle Java SE version 7u85
Description The issue affects the confidentiality and integrity of the system, allowing remote attackers to exploit it through unknown vectors related to Libraries. This vulnerability is associated with errors in the code of the Libraries subcomponent of the Java Platform. Exploitation of this issue may enable a remote attacker to modify data using a Java Web Start application or a Java applet.
Recommendations For Oracle Java SE version 7u85, update to a version that contains a fix for this issue to prevent exploitation. As a temporary workaround, consider restricting the use of Java Web Start applications and Java applets to minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-17

Identificadores relacionados

BDU:2015-11867
CESA-2016_0053
CESA-2016_0054
CVE-2015-4871
DSA-3381-1
DSA-3381-2
DSA-3401-1
OPENSUSE-SU-2016_0268-1
OPENSUSE-SU-2016_0272-1
OPENSUSE-SU-2016_0279-1
OPENSUSE-SU-2024:10534-1
RHSA-2015:1927
RHSA-2015:2506
RHSA-2015:2507
RHSA-2015:2509
RHSA-2015_1927
RHSA-2015_2506
RHSA-2015_2509
RHSA-2016:0053
RHSA-2016:0054
RHSA-2016:1430
RHSA-2016_0053
RHSA-2016_0054
SUSE-SU-2015:2166-1
SUSE-SU-2015:2168-1
SUSE-SU-2015:2168-2
SUSE-SU-2015:2182-1
SUSE-SU-2015:2192-1
SUSE-SU-2015:2216-1
SUSE-SU-2015:2268-1
SUSE-SU-2016:0265-1
SUSE-SU-2016:0269-1
SUSE-SU-2016_0265-1
SUSE-SU-2016_0269-1
USN-2818-1

Produtos afetados

Centos
Ibm Aix
Java Platform
Oracle Java Se
Red Hat
Suse
Ubuntu