CVE-2015-0192high
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.
References
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
http://rhn.redhat.com/errata/RHSA-2015-1006.html
http://rhn.redhat.com/errata/RHSA-2015-1007.html
http://rhn.redhat.com/errata/RHSA-2015-1020.html
http://rhn.redhat.com/errata/RHSA-2015-1021.html
http://rhn.redhat.com/errata/RHSA-2015-1091.html
http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682
Details
Source: MITRE
Published: 2015-07-02
Updated: 2019-06-03
Type: NVD-CWE-noinfo
Risk Information
CVSS v2
Base Score: 7.5
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 10
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:* versions from 6.0.0.0 to 6.0.16.4 (inclusive)
cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:java:*:*:*:*:*:*:*:* versions from 7.0.0.0 to 7.0.9 (inclusive)
Configuration 2
OR
cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Configuration 3
OR
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:*:*:*:*:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 119967 | SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:1161-1) (Bar Mitzvah) (FREAK) | Nessus | SuSE Local Security Checks | critical |
| 85379 | SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1375-1) (Bar Mitzvah) (Logjam) | Nessus | SuSE Local Security Checks | low |
| 84441 | SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1086-4) (Bar Mitzvah) (FREAK) | Nessus | SuSE Local Security Checks | critical |
| 84425 | SUSE SLES10 Security Update : IBM Java (SUSE-SU-2015:1138-1) (Bar Mitzvah) (FREAK) | Nessus | SuSE Local Security Checks | critical |
| 84423 | SUSE SLES11 Security Update : Java (SUSE-SU-2015:1086-3) (Bar Mitzvah) (FREAK) | Nessus | SuSE Local Security Checks | critical |
| 84337 | SUSE SLES11 Security Update : IBM Java (SUSE-SU-2015:1086-2) (Bar Mitzvah) (FREAK) | Nessus | SuSE Local Security Checks | critical |
| 84286 | SUSE SLES11 Security Update : IBM Java (SUSE-SU-2015:1086-1) (Bar Mitzvah) (FREAK) | Nessus | SuSE Local Security Checks | critical |
| 84285 | SUSE SLES10 Security Update : IBM Java (SUSE-SU-2015:1085-1) (Bar Mitzvah) (FREAK) | Nessus | SuSE Local Security Checks | critical |
| 84260 | SUSE SLES12 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1073-1) (Bar Mitzvah) | Nessus | SuSE Local Security Checks | critical |
| 84143 | RHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:1091) (Bar Mitzvah) | Nessus | Red Hat Local Security Checks | critical |
| 84087 | AIX Java Advisory : java_april2015_advisory.asc (Bar Mitzvah) (FREAK) | Nessus | AIX Local Security Checks | critical |
| 83754 | RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2015:1021) (Bar Mitzvah) | Nessus | Red Hat Local Security Checks | critical |
| 83753 | RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2015:1020) (Bar Mitzvah) | Nessus | Red Hat Local Security Checks | critical |
| 83433 | RHEL 5 : java-1.7.0-ibm (RHSA-2015:1007) (Bar Mitzvah) | Nessus | Red Hat Local Security Checks | critical |
| 83432 | RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2015:1006) (Bar Mitzvah) | Nessus | Red Hat Local Security Checks | critical |