CVE-2015-0412Oracle JDK vulnerability

10 documents8 sources
Severity
7.2HIGHNVD
OSV3.4
EPSS
1.4%
top 19.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Canonical Ubuntu LinuxDebian LinuxNovell Suse Linux Enterprise Desktop+5 more
Timeline
PublishedJan 21
Latest updateMay 13

Description

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages5 packages

NVDoracle/jdk1.6.0, 1.7.0, 1.8.0+2
NVDoracle/jre1.6.0, 1.7.0, 1.8.0+2

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 10.04, 12.04, 14.04, 14.10, Enterprise Linux 5.0, 6.0, 7.0

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

4
GHSA
GHSA-5rmc-hxjg-x3qp: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via ve2022-05-13
OSV
openjdk-7 vulnerabilities2015-01-28
OSV
CVE-2015-0412: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via ve2015-01-21
CVEList
CVE-2015-0412: Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via ve2015-01-21

📋Vendor Advisories

4
Ubuntu
OpenJDK 7 vulnerabilities2015-01-28
Ubuntu
OpenJDK 6 vulnerabilities2015-01-27
Red Hat
OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)2015-01-20
Debian
CVE-2015-0412: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote a...2015

💬Community

1
Bugzilla
CVE-2015-0412 OpenJDK: insufficient code privileges checks (JAX-WS, 8054367)2015-01-16
CVE-2015-0412 — Oracle JDK vulnerability | cvebase