Vulnerability Details CVE-2015-2590
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.682
EPSS Ranking 98.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 10.0
Proposed Action
An unspecified vulnerability exists within Oracle Java Runtime Environment that allows an attacker to perform remote code execution.
Ransomware Campaign
Unknown
References
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
- http://rhn.redhat.com/errata/RHSA-2015-1228.html
- http://rhn.redhat.com/errata/RHSA-2015-1229.html
- http://rhn.redhat.com/errata/RHSA-2015-1230.html
- http://rhn.redhat.com/errata/RHSA-2015-1241.html
- http://rhn.redhat.com/errata/RHSA-2015-1242.html
- http://rhn.redhat.com/errata/RHSA-2015-1243.html
- http://rhn.redhat.com/errata/RHSA-2015-1485.html
- http://rhn.redhat.com/errata/RHSA-2015-1486.html
- http://rhn.redhat.com/errata/RHSA-2015-1488.html
- http://rhn.redhat.com/errata/RHSA-2015-1526.html
- http://rhn.redhat.com/errata/RHSA-2015-1544.html
- http://rhn.redhat.com/errata/RHSA-2015-1604.html
- http://www.debian.org/security/2015/dsa-3316
- http://www.debian.org/security/2015/dsa-3339
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.securityfocus.com/bid/75818
- http://www.securitytracker.com/id/1032910
- http://www.ubuntu.com/usn/USN-2696-1
- http://www.ubuntu.com/usn/USN-2706-1
- https://security.gentoo.org/glsa/201603-11
- https://security.gentoo.org/glsa/201603-14
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
- http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
- http://rhn.redhat.com/errata/RHSA-2015-1228.html
- http://rhn.redhat.com/errata/RHSA-2015-1229.html
- http://rhn.redhat.com/errata/RHSA-2015-1230.html
- http://rhn.redhat.com/errata/RHSA-2015-1241.html
- http://rhn.redhat.com/errata/RHSA-2015-1242.html
- http://rhn.redhat.com/errata/RHSA-2015-1243.html
- http://rhn.redhat.com/errata/RHSA-2015-1485.html
- http://rhn.redhat.com/errata/RHSA-2015-1486.html
- http://rhn.redhat.com/errata/RHSA-2015-1488.html
- http://rhn.redhat.com/errata/RHSA-2015-1526.html
- http://rhn.redhat.com/errata/RHSA-2015-1544.html
- http://rhn.redhat.com/errata/RHSA-2015-1604.html
- http://www.debian.org/security/2015/dsa-3316
- http://www.debian.org/security/2015/dsa-3339
- http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
- http://www.securityfocus.com/bid/75818
- http://www.securitytracker.com/id/1032910
- http://www.ubuntu.com/usn/USN-2696-1
- http://www.ubuntu.com/usn/USN-2706-1
- https://security.gentoo.org/glsa/201603-11
- https://security.gentoo.org/glsa/201603-14
Products affected by CVE-2015-2590
-
cpe:2.3:a:oracle:jdk:1.6.0
-
cpe:2.3:a:oracle:jdk:1.7.0
-
cpe:2.3:a:oracle:jdk:1.8.0
-
cpe:2.3:a:oracle:jre:1.6.0
-
cpe:2.3:a:oracle:jre:1.7.0
-
cpe:2.3:a:oracle:jre:1.8.0
-
cpe:2.3:a:redhat:satellite:5.6
-
cpe:2.3:a:redhat:satellite:5.7
-
cpe:2.3:a:suse:linux_enterprise_debuginfo:11
-
cpe:2.3:o:canonical:ubuntu_linux:12.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:15.04
-
cpe:2.3:o:debian:debian_linux:7.0
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:opensuse:opensuse:13.1
-
cpe:2.3:o:opensuse:opensuse:13.2
-
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0
-
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0
-
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
-
cpe:2.3:o:redhat:enterprise_linux_eus:6.6
-
cpe:2.3:o:redhat:enterprise_linux_eus:6.7
-
cpe:2.3:o:redhat:enterprise_linux_eus:7.1
-
cpe:2.3:o:redhat:enterprise_linux_eus:7.2
-
cpe:2.3:o:redhat:enterprise_linux_eus:7.3
-
cpe:2.3:o:redhat:enterprise_linux_eus:7.4
-
cpe:2.3:o:redhat:enterprise_linux_eus:7.5
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0_s390x
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:6.7_s390x
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.1_s390x
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.2_s390x
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.3_s390x
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.4_s390x
-
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:7.5_s390x
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:6.7_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.1_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.2_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.3_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.4_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.5_ppc64
-
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le
-
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.1_ppc64le
-
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.2_ppc64le
-
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.3_ppc64le
-
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.4_ppc64le
-
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:7.5_ppc64le
-
cpe:2.3:o:redhat:enterprise_linux_server:5.0
-
cpe:2.3:o:redhat:enterprise_linux_server:6.0
-
cpe:2.3:o:redhat:enterprise_linux_server:7.0
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:6.6
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7
-
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0
-
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
-
cpe:2.3:o:suse:linux_enterprise_desktop:11
-
cpe:2.3:o:suse:linux_enterprise_desktop:12
-
cpe:2.3:o:suse:linux_enterprise_server:12