CVE-2015-4871Oracle JDK vulnerability

7 documents7 sources
Severity
5.8MEDIUMNVD
EPSS
2.4%
top 14.93%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle JDKOracle JRE
Timeline
PublishedOct 21
Latest updateMay 14

Description

Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 8.6 | Impact: 4.9

Affected Packages2 packages

NVDoracle/jdk1.7.0
NVDoracle/jre1.7.0

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

3
GHSA
GHSA-gq58-crwm-qgwh: Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Librar2022-05-14
OSV
CVE-2015-4871: Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Librar2015-10-21
CVEList
CVE-2015-4871: Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Librar2015-10-21

📋Vendor Advisories

2
Ubuntu
OpenJDK 7 vulnerability2015-11-25
Red Hat
OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)2015-10-20

💬Community

1
Bugzilla
CVE-2015-4871 OpenJDK: protected methods can be used as interface methods via DirectMethodHandle (Libraries)2015-10-21
CVE-2015-4871 — Oracle JDK vulnerability | cvebase