CVE-2015-4903Oracle JDK vulnerability

10 documents8 sources
Severity
5.0MEDIUMNVD
EPSS
3.1%
top 13.21%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Oracle JDKOracle JRE
Timeline
PublishedOct 22
Latest updateMay 13

Description

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to RMI.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDoracle/jdk1.6.0, 1.7.0, 1.8.0+2
NVDoracle/jre1.6.0, 1.7.0, 1.8.0+2

🔴Vulnerability Details

4
GHSA
GHSA-wx9q-j373-mc8m: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via ve2022-05-13
OSV
openjdk-7 vulnerabilities2015-10-28
OSV
CVE-2015-4903: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via ve2015-10-21
CVEList
CVE-2015-4903: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via ve2015-10-21

📋Vendor Advisories

4
Ubuntu
OpenJDK 6 vulnerabilities2015-12-03
Ubuntu
OpenJDK 7 vulnerabilities2015-10-28
Red Hat
OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339)2015-10-20
Debian
CVE-2015-4903: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE E...2015

💬Community

1
Bugzilla
CVE-2015-4903 OpenJDK: insufficient proxy class checks in RemoteObjectInvocationHandler (RMI, 8076339)2015-10-20
CVE-2015-4903 — Oracle JDK vulnerability | cvebase