CVE-2015-0477

Published: 16/04/2015 Updated: 13/05/2022
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote malicious users to affect integrity via unknown vectors related to Beans.

Vulnerable Product

oracle jdk 1.8.0

oracle jdk 1.5.0

oracle jdk 1.6.0

oracle jdk 1.7.0

oracle jre 1.5.0

oracle jre 1.6.0

oracle jre 1.7.0

oracle jre 1.8.0

Vendor Advisories

Several security issues were fixed in OpenJDK 7 ...
Several security issues were fixed in OpenJDK 6 ...
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. For the stable distribution (wheezy), these problems have been fixed in version 6b35-1137-1~deb7u1. We recommend that you ...
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure or denial of service. For the stable distribution (wheezy), these problems have been fixed in version 7u79-255-1~deb7u1. For the upcoming stable ...
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography. For the oldstable distribution (wheezy), these problems have been fixed in version 7u79-256-1~deb7u ...
A flaw was discovered in the Beans component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass certain Java sandbox restrictions ...
An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox restrictions (CVE-2015-0469). A flaw was found in the way ...

References

NVD-CWE-noinfo
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
http://rhn.redhat.com/errata/RHSA-2015-0807.html
http://rhn.redhat.com/errata/RHSA-2015-0809.html
http://rhn.redhat.com/errata/RHSA-2015-0808.html
http://rhn.redhat.com/errata/RHSA-2015-0806.html
http://www.debian.org/security/2015/dsa-3234
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:212
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html
http://advisories.mageia.org/MGASA-2015-0158.html
http://www.debian.org/security/2015/dsa-3235
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html
http://www-01.ibm.com/support/docview.wss?uid=swg21883640
https://security.gentoo.org/glsa/201603-11
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html
http://rhn.redhat.com/errata/RHSA-2015-1091.html
http://rhn.redhat.com/errata/RHSA-2015-1021.html
http://rhn.redhat.com/errata/RHSA-2015-1020.html
http://rhn.redhat.com/errata/RHSA-2015-1007.html
http://rhn.redhat.com/errata/RHSA-2015-1006.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
http://www.ubuntu.com/usn/USN-2574-1
http://www.ubuntu.com/usn/USN-2573-1
http://www.securitytracker.com/id/1032120
http://www.securityfocus.com/bid/74119
http://rhn.redhat.com/errata/RHSA-2015-0858.html
http://rhn.redhat.com/errata/RHSA-2015-0857.html
http://rhn.redhat.com/errata/RHSA-2015-0854.html
http://www.debian.org/security/2015/dsa-3316
https://usn.ubuntu.com/2574-1/
https://nvd.nist.gov
https://access.redhat.com/security/cve/cve-2015-0477