Vulnerability Details CVE-2015-1914
IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vectors related to the Java Virtual Machine.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.2%
CVSS Severity
CVSS v2 Score 5.0
References
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
- http://rhn.redhat.com/errata/RHSA-2015-1006.html
- http://rhn.redhat.com/errata/RHSA-2015-1007.html
- http://rhn.redhat.com/errata/RHSA-2015-1020.html
- http://rhn.redhat.com/errata/RHSA-2015-1021.html
- http://rhn.redhat.com/errata/RHSA-2015-1091.html
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246
- http://www-01.ibm.com/support/docview.wss?uid=swg21883640
- http://www.securityfocus.com/bid/74645
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
- http://rhn.redhat.com/errata/RHSA-2015-1006.html
- http://rhn.redhat.com/errata/RHSA-2015-1007.html
- http://rhn.redhat.com/errata/RHSA-2015-1020.html
- http://rhn.redhat.com/errata/RHSA-2015-1021.html
- http://rhn.redhat.com/errata/RHSA-2015-1091.html
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246
- http://www-01.ibm.com/support/docview.wss?uid=swg21883640
- http://www.securityfocus.com/bid/74645
Products affected by CVE-2015-1914
-
cpe:2.3:a:ibm:java:5.0.0.0
-
cpe:2.3:a:ibm:java:5.0.11.0
-
cpe:2.3:a:ibm:java:5.0.11.1
-
cpe:2.3:a:ibm:java:5.0.11.2
-
cpe:2.3:a:ibm:java:5.0.12.0
-
cpe:2.3:a:ibm:java:5.0.12.1
-
cpe:2.3:a:ibm:java:5.0.12.2
-
cpe:2.3:a:ibm:java:5.0.12.3
-
cpe:2.3:a:ibm:java:5.0.12.4
-
cpe:2.3:a:ibm:java:5.0.12.5
-
cpe:2.3:a:ibm:java:5.0.13.0
-
cpe:2.3:a:ibm:java:5.0.14.0
-
cpe:2.3:a:ibm:java:5.0.15.0
-
cpe:2.3:a:ibm:java:5.0.16
-
cpe:2.3:a:ibm:java:5.0.16.0
-
cpe:2.3:a:ibm:java:5.0.16.1
-
cpe:2.3:a:ibm:java:5.0.16.2
-
cpe:2.3:a:ibm:java:5.0.16.3
-
cpe:2.3:a:ibm:java:6.0.0.0
-
cpe:2.3:a:ibm:java:6.0.1.0
-
cpe:2.3:a:ibm:java:6.0.10.0
-
cpe:2.3:a:ibm:java:6.0.10.1
-
cpe:2.3:a:ibm:java:6.0.11.0
-
cpe:2.3:a:ibm:java:6.0.12.0
-
cpe:2.3:a:ibm:java:6.0.13.0
-
cpe:2.3:a:ibm:java:6.0.13.1
-
cpe:2.3:a:ibm:java:6.0.13.2
-
cpe:2.3:a:ibm:java:6.0.14.0
-
cpe:2.3:a:ibm:java:6.0.16
-
cpe:2.3:a:ibm:java:6.0.2.0
-
cpe:2.3:a:ibm:java:6.0.3.0
-
cpe:2.3:a:ibm:java:6.0.4.0
-
cpe:2.3:a:ibm:java:6.0.5.0
-
cpe:2.3:a:ibm:java:6.0.6.0
-
cpe:2.3:a:ibm:java:6.0.7.0
-
cpe:2.3:a:ibm:java:6.0.8.0
-
cpe:2.3:a:ibm:java:6.0.8.1
-
cpe:2.3:a:ibm:java:6.0.9.0
-
cpe:2.3:a:ibm:java:6.0.9.1
-
cpe:2.3:a:ibm:java:6.0.9.2
-
cpe:2.3:a:ibm:java:6.1.0.0
-
cpe:2.3:a:ibm:java:6.1.8
-
cpe:2.3:a:ibm:java:7.0.0.0
-
cpe:2.3:a:ibm:java:7.0.1.0
-
cpe:2.3:a:ibm:java:7.0.2.0
-
cpe:2.3:a:ibm:java:7.0.3.0
-
cpe:2.3:a:ibm:java:7.0.4.0
-
cpe:2.3:a:ibm:java:7.0.4.1
-
cpe:2.3:a:ibm:java:7.0.4.2
-
cpe:2.3:a:ibm:java:7.0.5.0
-
cpe:2.3:a:ibm:java:7.0.9
-
cpe:2.3:a:ibm:java:7.1.0.0
-
cpe:2.3:a:ibm:java:7.1.2
-
cpe:2.3:a:ibm:java:7.1.2.11