PT-2015-2529 · Oracle+5 · Java Se Embedded+7

Published

2015-10-21

·

Updated

2024-06-15

·

CVE-2015-4840

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Oracle Java SE versions 7u85 through 8u60 Java SE Embedded version 8u51
Description The issue is related to errors in the code of the 2D subcomponent of the Java Platform. It allows remote attackers to affect confidentiality via unknown vectors related to 2D, potentially enabling them to read protected information using a Java Web Start application or Java applet.
Recommendations For Oracle Java SE versions 7u85 through 8u60, update to a version that fixes the issue. For Java SE Embedded version 8u51, update to a version that fixes the issue. As a temporary workaround, consider restricting the use of Java Web Start applications and Java applets until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-17

Related Identifiers

BDU:2015-11894
CESA-2015_1919
CESA-2015_1920
CVE-2015-4840
DSA-3381-1
DSA-3381-2
MGASA-2015-0412
OPENSUSE-SU-2015_1902-1
OPENSUSE-SU-2015_1905-1
OPENSUSE-SU-2015_1906-1
OPENSUSE-SU-2015_1971-1
OPENSUSE-SU-2016_0270-1
OPENSUSE-SU-2024:10197-1
OPENSUSE-SU-2024:10534-1
RHSA-2015:1919
RHSA-2015:1920
RHSA-2015:1921
RHSA-2015:1926
RHSA-2015:1927
RHSA-2015:2506
RHSA-2015:2507
RHSA-2015:2509
RHSA-2015_1919
RHSA-2015_1920
RHSA-2015_1921
RHSA-2015_1926
RHSA-2015_1927
RHSA-2015_2506
RHSA-2015_2509
RHSA-2016:1430
SUSE-SU-2015:1874-1
SUSE-SU-2015:1874-2
SUSE-SU-2015:1875-1
SUSE-SU-2015:1875-2
SUSE-SU-2015:2166-1
SUSE-SU-2015:2168-1
SUSE-SU-2015:2168-2
SUSE-SU-2015:2182-1
SUSE-SU-2015:2192-1
SUSE-SU-2015:2216-1
SUSE-SU-2015:2268-1
USN-2784-1

Affected Products

Centos
Ibm Aix
Java Platform
Java Se
Java Se Embedded
Red Hat
Suse
Ubuntu