CVE-2015-0469Off-by-one Error in Oracle JDK

CWE-193Off-by-one ErrorCWE-122Heap-based Buffer Overflow13 documents8 sources
Severity
10.0CRITICALNVD
OSV9.3
EPSS
8.6%
top 7.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle JDKOracle JRE
Timeline
PublishedApr 16
Latest updateMay 13

Description

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDoracle/jdk4 versions+3
NVDoracle/jre4 versions+3

🔴Vulnerability Details

4
GHSA
GHSA-23mh-jxf4-vm3h: Unspecified vulnerability in Oracle Java SE 52022-05-13
OSV
openjdk-7 vulnerabilities2015-04-21
CVEList
CVE-2015-0469: Unspecified vulnerability in Oracle Java SE 52015-04-16
OSV
CVE-2015-0469: Unspecified vulnerability in Oracle Java SE 52015-04-15

📋Vendor Advisories

4
Ubuntu
OpenJDK 6 vulnerabilities2015-04-21
Ubuntu
OpenJDK 7 vulnerabilities2015-04-21
Red Hat
ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699)2015-04-14
Debian
CVE-2015-0469: openjdk-8 - Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows ...2015

💬Community

4
Bugzilla
CVE-2015-0469 mingw-icu: ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699) [fedora-all]2015-04-23
Bugzilla
CVE-2015-0469 mingw-icu: ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699) [epel-7]2015-04-23
Bugzilla
CVE-2015-0469 ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699) [fedora-all]2015-04-23
Bugzilla
CVE-2015-0469 ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699)2015-04-10
CVE-2015-0469 — Off-by-one Error in Oracle JDK | cvebase