Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2015-4760

Published: 16/07/2015 Updated: 13/05/2022
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Oracle

Vulnerability Summary

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote malicious users to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

Vulnerable Product Search on Vulmon Subscribe to Product

oracle jre 1.6.0

oracle jre 1.8.0

oracle jre 1.7.0

oracle jdk 1.8.0

oracle jdk 1.6.0

oracle jdk 1.7.0

Vendor Advisories

Ubuntu Security Notice: icu vulnerabilities
Several security issues were fixed in ICU ...
Ubuntu Security Notice: openjdk-6 vulnerabilities
Several security issues were fixed in OpenJDK 6 ...
Ubuntu Security Notice: openjdk-7 vulnerabilities
Several security issues were fixed in OpenJDK 7 ...
Debian Security Advisories: DSA-3323-1 icu -- security update
Several vulnerabilities were discovered in the International Components for Unicode (ICU) library CVE-2014-8146 The Unicode Bidirectional Algorithm implementation does not properly track directionally isolated pieces of text, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly execut ...
Debian Security Advisories: DSA-3339-1 openjdk-6 -- security update
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography For the oldstable distribution (wheezy), these problems have been fixed in version 6b36-1138-1~deb7 ...
Debian Security Advisories: DSA-3316-1 openjdk-7 -- security update
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in the execution of arbitrary code, breakouts of the Java sandbox, information disclosure, denial of service or insecure cryptography For the oldstable distribution (wheezy), these problems have been fixed in version 7u79-256-1~deb7u ...
Red Hat: CVE-2015-4760
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D ...
Amazon Linux AMI: ALAS-2015-570
Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733) A flaw was found in the way the Libraries component of OpenJDK ve ...
Amazon Linux AMI: ALAS-2015-586
Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733) A flaw was found in the way the Libraries component of OpenJDK ve ...
Amazon Linux AMI: ALAS-2015-571
Multiple flaws were discovered in the 2D, CORBA, JMX, Libraries and RMI components in OpenJDK An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions (CVE-2015-4760, CVE-2015-2628, CVE-2015-4731, CVE-2015-2590, CVE-2015-4732, CVE-2015-4733) A flaw was found in the way the Libraries component of OpenJDK ve ...

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.htmlhttp://www.securityfocus.com/bid/75784https://security.gentoo.org/glsa/201603-11https://security.gentoo.org/glsa/201603-14http://www.ubuntu.com/usn/USN-2740-1http://www.debian.org/security/2015/dsa-3323http://www.ubuntu.com/usn/USN-2706-1http://www.ubuntu.com/usn/USN-2696-1http://www.debian.org/security/2015/dsa-3339http://rhn.redhat.com/errata/RHSA-2015-1526.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.htmlhttp://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.htmlhttp://www.securitytracker.com/id/1032910http://www.debian.org/security/2015/dsa-3316http://rhn.redhat.com/errata/RHSA-2015-1604.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1544.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1488.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1486.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1485.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1243.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1242.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1241.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1230.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1229.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1228.htmlhttps://nvd.nist.govhttps://usn.ubuntu.com/2740-1/https://access.redhat.com/security/cve/cve-2015-4760
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook