PT-2015-2551 · Oracle+3 · Java Se+4

Publicado

2015-10-21

Atualizado

2024-06-15

CVE-2015-4810

CVSS v2.0

6.9

Média

Vetor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u85 through 8u60

Description The issue is related to errors in the code of the Deployment subcomponent of the Java Platform. It may allow a local attacker to execute arbitrary code using a Java Web Start application or a Java applet, potentially affecting confidentiality, integrity, and availability. Additionally, it could enable an attacker with physical access to the system to obtain sensitive information from the Kerberos Credential Cache.

Recommendations For Oracle Java SE version 7u85, update to a version that includes the fix for this issue. For Oracle Java SE version 8u60, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting the use of Java Web Start applications and Java applets until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-17

Identificadores relacionados

BDU:2015-11916

CVE-2015-4810

OPENSUSE-SU-2015_1905-1

OPENSUSE-SU-2016_0270-1

OPENSUSE-SU-2024:10197-1

RHSA-2015:1926

RHSA-2015:1927

RHSA-2015:2506

RHSA-2015:2507

RHSA-2015:2509

RHSA-2015_1926

RHSA-2015_1927

RHSA-2015_2506

RHSA-2015_2509

RHSA-2016:1430

SUSE-SU-2015:2166-1

SUSE-SU-2015:2168-1

SUSE-SU-2015:2168-2

SUSE-SU-2015:2182-1

SUSE-SU-2015:2192-1

SUSE-SU-2015:2216-1

SUSE-SU-2015:2268-1

Produtos afetados

Ibm Aix

Java Platform

Java Se

Red Hat

Suse

PT-2015-2551 · Oracle+3 · Java Se+4

CVE-2015-4810

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 240