CVE-2015-0192

HIGH

Description

Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.

References

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html

http://rhn.redhat.com/errata/RHSA-2015-1006.html

http://rhn.redhat.com/errata/RHSA-2015-1007.html

http://rhn.redhat.com/errata/RHSA-2015-1020.html

http://rhn.redhat.com/errata/RHSA-2015-1021.html

http://rhn.redhat.com/errata/RHSA-2015-1091.html

http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682

http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683

http://www-01.ibm.com/support/docview.wss?uid=swg21883640

Details

Source: MITRE

Published: 2015-07-02

Updated: 2019-06-03

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*

cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:* versions from 6.0.0.0 to 6.0.16.4 (inclusive)

cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*

cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:* versions from 7.0.0.0 to 7.0.9 (inclusive)

cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*

ID	Name	Product	Family	Severity
119967	SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:1161-1) (Bar Mitzvah) (FREAK)	Nessus	SuSE Local Security Checks	critical
85379	SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1375-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
84441	SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1086-4) (Bar Mitzvah) (FREAK)	Nessus	SuSE Local Security Checks	critical
84425	SUSE SLES10 Security Update : IBM Java (SUSE-SU-2015:1138-1) (Bar Mitzvah) (FREAK)	Nessus	SuSE Local Security Checks	critical
84423	SUSE SLES11 Security Update : Java (SUSE-SU-2015:1086-3) (Bar Mitzvah) (FREAK)	Nessus	SuSE Local Security Checks	critical
84337	SUSE SLES11 Security Update : IBM Java (SUSE-SU-2015:1086-2) (Bar Mitzvah) (FREAK)	Nessus	SuSE Local Security Checks	critical
84286	SUSE SLES11 Security Update : IBM Java (SUSE-SU-2015:1086-1) (Bar Mitzvah) (FREAK)	Nessus	SuSE Local Security Checks	critical
84285	SUSE SLES10 Security Update : IBM Java (SUSE-SU-2015:1085-1) (Bar Mitzvah) (FREAK)	Nessus	SuSE Local Security Checks	critical
84260	SUSE SLES12 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1073-1) (Bar Mitzvah)	Nessus	SuSE Local Security Checks	critical
84143	RHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:1091) (Bar Mitzvah)	Nessus	Red Hat Local Security Checks	critical
84087	AIX Java Advisory : java_april2015_advisory.asc (Bar Mitzvah) (FREAK)	Nessus	AIX Local Security Checks	critical
83754	RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2015:1021) (Bar Mitzvah)	Nessus	Red Hat Local Security Checks	critical
83753	RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2015:1020) (Bar Mitzvah)	Nessus	Red Hat Local Security Checks	critical
83433	RHEL 5 : java-1.7.0-ibm (RHSA-2015:1007) (Bar Mitzvah)	Nessus	Red Hat Local Security Checks	critical
83432	RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2015:1006) (Bar Mitzvah)	Nessus	Red Hat Local Security Checks	critical

CVE-2015-0192

HIGH

Description

References

Details

Risk Information

CVSS v2.0

Vulnerable Software

Configuration 1

Configuration 2

Configuration 3

Tenable Plugins

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical