PT-2015-2502 · Oracle+5 · Oracle Java Se+6

Published

2015-10-21

·

Updated

2024-06-15

·

CVE-2015-4871

CVSS v2.0

5.8

Medium

VectorAV:N/AC:M/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions Oracle Java SE version 7u85
Description The issue affects the confidentiality and integrity of the system, allowing remote attackers to exploit it through unknown vectors related to Libraries. This vulnerability is associated with errors in the code of the Libraries subcomponent of the Java Platform. Exploitation of this issue may enable a remote attacker to modify data using a Java Web Start application or a Java applet.
Recommendations For Oracle Java SE version 7u85, update to a version that contains a fix for this issue to prevent exploitation. As a temporary workaround, consider restricting the use of Java Web Start applications and Java applets to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-17

Related Identifiers

BDU:2015-11867
CESA-2016_0053
CESA-2016_0054
CVE-2015-4871
DSA-3381-1
DSA-3381-2
DSA-3401-1
OPENSUSE-SU-2016_0268-1
OPENSUSE-SU-2016_0272-1
OPENSUSE-SU-2016_0279-1
OPENSUSE-SU-2024:10534-1
RHSA-2015:1927
RHSA-2015:2506
RHSA-2015:2507
RHSA-2015:2509
RHSA-2015_1927
RHSA-2015_2506
RHSA-2015_2509
RHSA-2016:0053
RHSA-2016:0054
RHSA-2016:1430
RHSA-2016_0053
RHSA-2016_0054
SUSE-SU-2015:2166-1
SUSE-SU-2015:2168-1
SUSE-SU-2015:2168-2
SUSE-SU-2015:2182-1
SUSE-SU-2015:2192-1
SUSE-SU-2015:2216-1
SUSE-SU-2015:2268-1
SUSE-SU-2016:0265-1
SUSE-SU-2016:0269-1
SUSE-SU-2016_0265-1
SUSE-SU-2016_0269-1
USN-2818-1

Affected Products

Centos
Ibm Aix
Java Platform
Oracle Java Se
Red Hat
Suse
Ubuntu