Vulnerability Details CVE-2015-1931
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.6%
CVSS Severity
CVSS v3 Score 5.5
References
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00014.html
- http://rhn.redhat.com/errata/RHSA-2015-1485.html
- http://rhn.redhat.com/errata/RHSA-2015-1486.html
- http://rhn.redhat.com/errata/RHSA-2015-1488.html
- http://rhn.redhat.com/errata/RHSA-2015-1544.html
- http://rhn.redhat.com/errata/RHSA-2015-1604.html
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV75182
- http://www-01.ibm.com/support/docview.wss?uid=swg21962302
- http://www.securityfocus.com/bid/75985
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00014.html
- http://rhn.redhat.com/errata/RHSA-2015-1485.html
- http://rhn.redhat.com/errata/RHSA-2015-1486.html
- http://rhn.redhat.com/errata/RHSA-2015-1488.html
- http://rhn.redhat.com/errata/RHSA-2015-1544.html
- http://rhn.redhat.com/errata/RHSA-2015-1604.html
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV75182
- http://www-01.ibm.com/support/docview.wss?uid=swg21962302
- http://www.securityfocus.com/bid/75985
Products affected by CVE-2015-1931
-
cpe:2.3:a:ibm:java_sdk:5.0.0.0
-
cpe:2.3:a:ibm:java_sdk:5.0.11.0
-
cpe:2.3:a:ibm:java_sdk:5.0.11.1
-
cpe:2.3:a:ibm:java_sdk:5.0.11.2
-
cpe:2.3:a:ibm:java_sdk:5.0.12.0
-
cpe:2.3:a:ibm:java_sdk:5.0.12.1
-
cpe:2.3:a:ibm:java_sdk:5.0.12.2
-
cpe:2.3:a:ibm:java_sdk:5.0.12.3
-
cpe:2.3:a:ibm:java_sdk:5.0.12.4
-
cpe:2.3:a:ibm:java_sdk:5.0.12.5
-
cpe:2.3:a:ibm:java_sdk:5.0.13.0
-
cpe:2.3:a:ibm:java_sdk:5.0.14.0
-
cpe:2.3:a:ibm:java_sdk:5.0.15.0
-
cpe:2.3:a:ibm:java_sdk:5.0.16.0
-
cpe:2.3:a:ibm:java_sdk:5.0.16.1
-
cpe:2.3:a:ibm:java_sdk:5.0.16.11
-
cpe:2.3:a:ibm:java_sdk:5.0.16.2
-
cpe:2.3:a:ibm:java_sdk:5.0.16.3
-
cpe:2.3:a:ibm:java_sdk:5.0.16.4
-
cpe:2.3:a:ibm:java_sdk:5.0.16.5
-
cpe:2.3:a:ibm:java_sdk:5.0.16.6
-
cpe:2.3:a:ibm:java_sdk:5.0.16.8
-
cpe:2.3:a:ibm:java_sdk:6.0.0.0
-
cpe:2.3:a:ibm:java_sdk:6.0.1.0
-
cpe:2.3:a:ibm:java_sdk:6.0.1.8.15
-
cpe:2.3:a:ibm:java_sdk:6.0.10.0
-
cpe:2.3:a:ibm:java_sdk:6.0.10.1
-
cpe:2.3:a:ibm:java_sdk:6.0.11.0
-
cpe:2.3:a:ibm:java_sdk:6.0.12.0
-
cpe:2.3:a:ibm:java_sdk:6.0.13.0
-
cpe:2.3:a:ibm:java_sdk:6.0.13.1
-
cpe:2.3:a:ibm:java_sdk:6.0.13.2
-
cpe:2.3:a:ibm:java_sdk:6.0.14.0
-
cpe:2.3:a:ibm:java_sdk:6.0.15.0
-
cpe:2.3:a:ibm:java_sdk:6.0.15.1
-
cpe:2.3:a:ibm:java_sdk:6.0.15.21
-
cpe:2.3:a:ibm:java_sdk:6.0.16.0
-
cpe:2.3:a:ibm:java_sdk:6.0.16.3
-
cpe:2.3:a:ibm:java_sdk:6.0.2.0
-
cpe:2.3:a:ibm:java_sdk:6.0.3.0
-
cpe:2.3:a:ibm:java_sdk:6.0.4.0
-
cpe:2.3:a:ibm:java_sdk:6.0.5.0
-
cpe:2.3:a:ibm:java_sdk:6.0.6.0
-
cpe:2.3:a:ibm:java_sdk:6.0.7.0
-
cpe:2.3:a:ibm:java_sdk:6.0.8.0
-
cpe:2.3:a:ibm:java_sdk:6.0.8.1
-
cpe:2.3:a:ibm:java_sdk:6.0.9.0
-
cpe:2.3:a:ibm:java_sdk:6.0.9.1
-
cpe:2.3:a:ibm:java_sdk:6.0.9.2
-
cpe:2.3:a:ibm:java_sdk:6.1.0.0
-
cpe:2.3:a:ibm:java_sdk:6.1.8.2
-
cpe:2.3:a:ibm:java_sdk:7.0.0.0
-
cpe:2.3:a:ibm:java_sdk:7.0.1.0
-
cpe:2.3:a:ibm:java_sdk:7.0.2.0
-
cpe:2.3:a:ibm:java_sdk:7.0.3.0
-
cpe:2.3:a:ibm:java_sdk:7.0.4.0
-
cpe:2.3:a:ibm:java_sdk:7.0.4.1
-
cpe:2.3:a:ibm:java_sdk:7.0.4.2
-
cpe:2.3:a:ibm:java_sdk:7.0.5.0
-
cpe:2.3:a:ibm:java_sdk:7.0.6.0
-
cpe:2.3:a:ibm:java_sdk:7.0.6.1
-
cpe:2.3:a:ibm:java_sdk:7.0.7.0
-
cpe:2.3:a:ibm:java_sdk:7.0.8.10
-
cpe:2.3:a:ibm:java_sdk:7.1.0.0
-
cpe:2.3:a:ibm:java_sdk:7.1.1.0
-
cpe:2.3:a:ibm:java_sdk:7.1.2.10
-
cpe:2.3:a:ibm:java_sdk:8.0.0.0
-
cpe:2.3:a:redhat:satellite:5.6
-
cpe:2.3:a:redhat:satellite:5.7
-
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0
-
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
-
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
-
cpe:2.3:o:redhat:enterprise_linux_eus:6.7
-
cpe:2.3:o:redhat:enterprise_linux_eus:7.1
-
cpe:2.3:o:redhat:enterprise_linux_eus:7.2
-
cpe:2.3:o:redhat:enterprise_linux_eus:7.3
-
cpe:2.3:o:redhat:enterprise_linux_eus:7.4
-
cpe:2.3:o:redhat:enterprise_linux_eus:7.5
-
cpe:2.3:o:redhat:enterprise_linux_server:5.0
-
cpe:2.3:o:redhat:enterprise_linux_server:6.0
-
cpe:2.3:o:redhat:enterprise_linux_server:7.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
-
cpe:2.3:o:suse:linux_enterprise_server:11
-
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11