Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2015-0437

Published: 21/01/2015 Updated: 13/05/2022
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Oracle

Vulnerability Summary

Unspecified vulnerability in Oracle Java SE 8u25 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle jdk 1.8.0

oracle jre 1.8.0

novell suse linux enterprise desktop 11.0

Vendor Advisories

Red Hat: Important: java-1.8.0-openjdk security update
Synopsis Important: java-180-openjdk security update Type/Severity Security Advisory: Important Topic Updated java-180-openjdk packages that fix multiple security issues arenow available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having Important securityimpact Com ...
Red Hat: Critical: java-1.8.0-oracle security update
Synopsis Critical: java-180-oracle security update Type/Severity Security Advisory: Critical Topic Updated java-180-oracle packages that fix several security issues are nowavailable for Oracle Java for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having Critical securityi ...
Amazon Linux AMI: ALAS-2015-472
Multiple flaws were found in the way the Hotspot component in OpenJDK verified bytecode from the class files, and in the way this component generated code for bytecode An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions (CVE-2014-6601, CVE-2015-0437) Multiple improper permission check issues ...
Red Hat: CVE-2015-0437
A flaw was found in the way the Hotspot component in OpenJDK in the way this component generated code for bytecode An untrusted Java application or applet could possibly use this flaw to bypass Java sandbox restrictions ...

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttp://www.securitytracker.com/id/1031580http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.htmlhttp://rhn.redhat.com/errata/RHSA-2015-0080.htmlhttps://security.gentoo.org/glsa/201603-11http://www.securityfocus.com/bid/72146https://exchange.xforce.ibmcloud.com/vulnerabilities/100144https://access.redhat.com/errata/RHSA-2015:0069https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2015-0437https://alas.aws.amazon.com/ALAS-2015-472.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook