CVE-2015-0383Insecure Temporary File in Oracle JDK

CWE-377Insecure Temporary File12 documents8 sources
Severity
5.4MEDIUMNVD
EPSS
0.1%
top 75.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
10
Canonical Ubuntu LinuxDebian LinuxFedoraproject Fedora+7 more
Timeline
PublishedJan 21
Latest updateMay 13

Description

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.

CVSS vector

AV:L/AC:M/C:N/I:P/A:CExploitability: 3.4 | Impact: 7.8

Affected Packages6 packages

NVDoracle/jrockitr27.8.4, r28.3.4+1
NVDoracle/jdk4 versions+3
NVDoracle/jre4 versions+3

Also affects: Debian Linux 7.0, 8.0, Fedora 20, 21, 22, Ubuntu Linux 10.04, 12.04, 14.04, 14.10, Enterprise Linux 5, 6.0, 7.0

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

3
GHSA
GHSA-mh42-q7jv-64p4: Unspecified vulnerability in Oracle Java SE 52022-05-13
OSV
CVE-2015-0383: Unspecified vulnerability in Oracle Java SE 52015-01-21
CVEList
CVE-2015-0383: Unspecified vulnerability in Oracle Java SE 52015-01-21

📋Vendor Advisories

5
Ubuntu
OpenJDK 7 vulnerabilities2015-01-28
Ubuntu
OpenJDK 6 vulnerabilities2015-01-27
Red Hat
OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807)2015-01-20
Debian
CVE-2015-0383: openjdk-8 - Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java S...2015
Red Hat
OpenJDK8: insecure hsperfdata temporary file handling, CVE-2015-0383 regression (Hotspot)2014-04-20

💬Community

3
Bugzilla
CVE-2015-3149 java-1.8.0-openjdk: OpenJDK8: insecure hsperfdata temporary file handling, CVE-2015-0383 regression (Hotspot) [fedora-all]2015-04-20
Bugzilla
CVE-2015-3149 OpenJDK8: insecure hsperfdata temporary file handling, CVE-2015-0383 regression (Hotspot)2015-04-20
Bugzilla
CVE-2015-0383 OpenJDK: insecure hsperfdata temporary file handling (Hotspot, 8050807)2014-07-28
CVE-2015-0383 — Insecure Temporary File in Oracle JDK | cvebase