
CVE-2015-4748

Published: 16/07/2015 | Updated: 13/05/2022
CVSS v2 Base Score: 7.6 | Impact Score: 10 | Exploitability Score: 4.9
VMScore: 676
Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Summary

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to Security.

Vulnerable Product

oracle jrockit r28.3.6

oracle jdk 1.8.0

oracle jre 1.7.0

oracle jre 1.6.0

oracle jre 1.8.0

oracle jdk 1.7.0

oracle jdk 1.6.0

Vendor Advisories

Several security issues were fixed in OpenJDK 6 ...
Several security issues were fixed in OpenJDK 7 ...
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography. For the oldstable distribution (wheezy), these problems have been fixed in version 6b36-1138-1~deb7 ...
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography. For the oldstable distribution (wheezy), these problems have been fixed in version 7u79-256-1~deb7u ...
A flaw was found in the way the Libraries component of OpenJDK verified Online Certificate Status Protocol (OCSP) responses. An OCSP response with no nextUpdate date specified was incorrectly handled as having unlimited validity, possibly causing a revoked X509 certificate to be interpreted as valid ...
Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733). A flaw was found in the way the Libraries component of OpenJDK ve ...

Recent Articles

Juniper patches Logjam, Bar Mitzvah, and various Java vulns
The Register • Richard Chirgwin • 26 Apr 2016

In Junos Space, nobody can hear you patch

Juniper Networks sysadmins can add Junos Space network management patches to their to-do list. The gin palace says “any product or platform running Junos Space before 15.2R1” has the privilege escalation vulnerabilities, adding that “Attack vectors include: cross site request forgeries (CSRF), default authentication credentials, information leak and command injection”. The remotely-exploitable bugs, turned up by the company's internal code review, include six vectors inherited from Oracl...

References

NVD-CWE-noinfo
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.securityfocus.com/bid/75854
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
https://security.gentoo.org/glsa/201603-11
https://security.gentoo.org/glsa/201603-14
https://kc.mcafee.com/corporate/index?page=content&id=SB10139
http://www.ubuntu.com/usn/USN-2706-1
http://www.ubuntu.com/usn/USN-2696-1
http://www.debian.org/security/2015/dsa-3339
http://rhn.redhat.com/errata/RHSA-2015-1526.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
http://www.securitytracker.com/id/1037732
http://www.securitytracker.com/id/1032910
http://www.debian.org/security/2015/dsa-3316
http://rhn.redhat.com/errata/RHSA-2015-1604.html
http://rhn.redhat.com/errata/RHSA-2015-1544.html
http://rhn.redhat.com/errata/RHSA-2015-1488.html
http://rhn.redhat.com/errata/RHSA-2015-1486.html
http://rhn.redhat.com/errata/RHSA-2015-1485.html
http://rhn.redhat.com/errata/RHSA-2015-1243.html
http://rhn.redhat.com/errata/RHSA-2015-1242.html
http://rhn.redhat.com/errata/RHSA-2015-1241.html
http://rhn.redhat.com/errata/RHSA-2015-1230.html
http://rhn.redhat.com/errata/RHSA-2015-1229.html
http://rhn.redhat.com/errata/RHSA-2015-1228.html
https://nvd.nist.gov
https://usn.ubuntu.com/2706-1/
https://access.redhat.com/security/cve/cve-2015-4748