CVE-2015-5041
published 2016-06-06CVE-2015-5041: The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to…
critical9.1CVSS 3.0
AVNACLPRNUINSUCHIHAN
The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | java_sdk | >= 6.0.0.0 < 6.0.16.20 | 6.0.16.20 |
| ibm | java_sdk | >= 6.1.0.0 < 6.1.8.20 | 6.1.8.20 |
| ibm | java_sdk | >= 7.0.0.0 < 7.0.9.30 | 7.0.9.30 |
| ibm | java_sdk | >= 7.1.0.0 < 7.1.3.30 | 7.1.3.30 |
| ibm | websphere_application_server | <= 3.0.9.20 | — |
| redhat | satellite | — | — |
| redhat | satellite | — | — |
| suse | linux_enterprise_server | — | — |
| suse | linux_enterprise_server | — | — |
| suse | linux_enterprise_software_development_kit | — | — |
| suse | linux_enterprise_software_development_kit | — | — |
| suse | suse_linux_enterprise_server | — | — |