CVE-2015-0460: Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via…

CVE-2015-0460 [CRITICAL] OpenJDK 6 vulnerabilities Title: OpenJDK 6 vulnerabilities Summary: Several security issues were fixed in OpenJDK 6. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-0460, CVE-2015-0469) Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect to handling jar files. An attacker could use this to expose sensitive data. (CVE-2015-0480) Florian Weimer discovered that the RSA implementation in the JCE component in OpenJDK JRE did not follow recommended practices for implementing RSA signatures. An attacker could use this to expose sensitive data. (CVE-2015-0478) A vulnerabilit

CVE-2015-0460 [CRITICAL] OpenJDK 7 vulnerabilities Title: OpenJDK 7 vulnerabilities Summary: Several security issues were fixed in OpenJDK 7. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-0460, CVE-2015-0469) Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect to handling jar files. An attacker could use this to expose sensitive data. (CVE-2015-0480) Florian Weimer discovered that the RSA implementation in the JCE component in OpenJDK JRE did not follow recommended practices for implementing RSA signatures. An attacker could use this to expose sensitive data. (CVE-2015-0478) A vulnerabilit

CVE-2015-0460 [CRITICAL] OpenJDK: incorrect handling of phantom references (Hotspot, 8071931) OpenJDK: incorrect handling of phantom references (Hotspot, 8071931) Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. A flaw was found in the way the Hotspot component in OpenJDK handled phantom references. An untrusted Java application or applet could use this flaw to corrupt the Java Virtual Machine memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions.

CVE-2015-0460 [CRITICAL] CVE-2015-0460: openjdk-8 - Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows ... Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. Scope: local sid: resolved (fixed in 8u45-b14-1)

CVE-2015-0460 [HIGH] GHSA-hc84-v6qx-7xrf: Unspecified vulnerability in Oracle Java SE 5 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVE-2015-0460 [CRITICAL] openjdk-7 vulnerabilities openjdk-7 vulnerabilities Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-0460, CVE-2015-0469) Alexander Cherepanov discovered that OpenJDK JRE was vulnerable to directory traversal issues with respect to handling jar files. An attacker could use this to expose sensitive data. (CVE-2015-0480) Florian Weimer discovered that the RSA implementation in the JCE component in OpenJDK JRE did not follow recommended practices for implementing RSA signatures. An attacker could use this to expose sensitive data. (CVE-2015-0478) A vulnerability was discovered in the OpenJDK JRE related to data integrity. An

CVE-2015-0460 [CRITICAL] CVE-2015-0460: Unspecified vulnerability in Oracle Java SE 5 Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVE-2015-0460 [CRITICAL] CVE-2015-0460 OpenJDK: incorrect handling of phantom references (Hotspot, 8071931) CVE-2015-0460 OpenJDK: incorrect handling of phantom references (Hotspot, 8071931) A flaw was found in the way the Hotspot JVM handled phantom references. An untrusted Java application or applet could use this flaw to corrupt JVM memory and, possibly, execute arbitrary code, bypassing Java sandbox restrictions. This fix corrects the patch for CVE-2015-0395 (bug 1183031) fixed in Jan 2015 CPU. Discussion: Public now via Oracle Critical Patch Update - April 2015. Fixed in Oracle Java SE 6u95, 7u79, and 8u45. External References: http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA --- This issue has been addressed in the following products: Red Hat Enterprise Linux 5 Via RHSA-2015:0807 https://rhn.redhat.com/errata/RHSA-2015-0807.html --- This is