PT-2015-1476 · Oracle+3 · Java Se Embedded+6

Published

2015-07-16

Updated

2024-06-15

CVE-2015-2638

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 6u95, 7u80, and 8u45 JavaFX version 2.2.80 Java SE Embedded versions 7u75 and 8u33

Description The issue is related to errors in the code of the Java Platform, allowing remote attackers to affect confidentiality, integrity, and availability. The vulnerability can be exploited by a remote attacker to compromise the security of the system. The exact vectors related to 2D are unknown.

Recommendations For Oracle Java SE versions 6u95, 7u80, and 8u45, update to a version that contains a fix for this issue. For JavaFX version 2.2.80, update to a version that contains a fix for this issue. For Java SE Embedded versions 7u75 and 8u33, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the 2D functionality until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-17

Related Identifiers

BDU:2015-10665

CVE-2015-2638

OPENSUSE-SU-2015_1288-1

OPENSUSE-SU-2015_1289-1

OPENSUSE-SU-2024:10197-1

RHSA-2015:1241

RHSA-2015:1242

RHSA-2015:1243

RHSA-2015:1485

RHSA-2015:1486

RHSA-2015:1488

RHSA-2015:1544

RHSA-2015:1604

RHSA-2015_1241

RHSA-2015_1242

RHSA-2015_1243

RHSA-2015_1485

RHSA-2015_1486

RHSA-2015_1544

SUSE-SU-2015:1319-1

SUSE-SU-2015:1320-1

SUSE-SU-2015:1329-1

SUSE-SU-2015:1331-1

SUSE-SU-2015:1345-1

SUSE-SU-2015:1375-1

SUSE-SU-2015:1509-1

Affected Products

Ibm Aix

Java Platform

Java Se

Java Se Embedded

Javafx

Red Hat

Suse

PT-2015-1476 · Oracle+3 · Java Se Embedded+6

CVE-2015-2638

Weakness Enumeration

Related Identifiers

Affected Products

References · 208