CVE-2015-0395 — Oracle JDK vulnerability

11 documents8 sources

Severity

9.3CRITICALNVD

OSV3.4

EPSS

19.7%

top 4.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canonical Ubuntu Linux Debian Linux Novell Suse Linux Enterprise Server +4 more

Timeline

PublishedJan 21

Latest updateMay 13

Description

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages4 packages

▶NVDoracle/jdk4 versions+3

▶NVDoracle/jre4 versions+3

▶NVDopensuse/opensuse13.2

▶NVDnovell/suse_linux_enterprise_server11.0, 12.0+1

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 10.04, 12.04, 14.04, 14.10, Enterprise Linux 5, 6.0, 7.0

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-7w4x-vjmm-65hg: Unspecified vulnerability in Oracle Java SE 5↗2022-05-13

▶

OSV

openjdk-7 vulnerabilities↗2015-01-28

▶

CVEList

CVE-2015-0395: Unspecified vulnerability in Oracle Java SE 5↗2015-01-21

▶

OSV

CVE-2015-0395: Unspecified vulnerability in Oracle Java SE 5↗2015-01-21

▶

📋Vendor Advisories

Ubuntu

OpenJDK 7 vulnerabilities↗2015-01-28

▶

Ubuntu

OpenJDK 6 vulnerabilities↗2015-01-27

▶

Red Hat

OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125)↗2015-01-20

▶

Debian

CVE-2015-0395: openjdk-8 - Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows ...↗2015

▶

💬Community

Bugzilla

CVE-2015-0460 OpenJDK: incorrect handling of phantom references (Hotspot, 8071931)↗2015-04-13

▶

Bugzilla

CVE-2015-0395 OpenJDK: phantom references handling issue in garbage collector (Hotspot, 8047125)↗2015-01-16

▶