PT-2015-1267 · Oracle+6 · Java Se+7

Published

2015-01-20

Updated

2024-06-15

CVE-2015-0408

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Java SE versions 5.0u75, 6u85, 7u72, and 8u25

Description The issue allows a remote attacker to compromise confidentiality, integrity, and availability using vectors related to the Remote Method Invocation (RMI) interface.

Recommendations For Java SE version 5.0u75, update to a version that is not affected by this issue. For Java SE version 6u85, update to a version that is not affected by this issue. For Java SE version 7u72, update to a version that is not affected by this issue. For Java SE version 8u25, update to a version that is not affected by this issue. As a temporary workaround, consider restricting access to the RMI interface until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-17

Related Identifiers

BDU:2015-10291

CESA-2015_0067

CESA-2015_0069

CESA-2015_0085

CVE-2015-0408

DLA-157-1

DSA-3144-1

DSA-3147-1

HPSBUX03273

HPSBUX03281

MGASA-2015-0037

OPENSUSE-SU-2015_0190-1

OPENSUSE-SU-2024:10534-1

RHSA-2015:0067

RHSA-2015:0068

RHSA-2015:0069

RHSA-2015:0079

RHSA-2015:0080

RHSA-2015:0085

RHSA-2015:0086

RHSA-2015:0133

RHSA-2015:0134

RHSA-2015:0135

RHSA-2015:0136

RHSA-2015:0263

RHSA-2015:0264

RHSA-2015_0067

RHSA-2015_0068

RHSA-2015_0069

RHSA-2015_0079

RHSA-2015_0080

RHSA-2015_0085

RHSA-2015_0086

RHSA-2015_0133

RHSA-2015_0135

RHSA-2015_0136

SUSE-SU-2015:0503-1

USN-2486-1

USN-2487-1

Affected Products

Centos

Hp-Ux

Ibm Aix

Java Platform

Java Se

Red Hat

Suse

Ubuntu

PT-2015-1267 · Oracle+6 · Java Se+7

CVE-2015-0408

Weakness Enumeration

Related Identifiers

Affected Products

References · 473