CVE-2015-0459

HIGH

Description

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.

References

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html

http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html

http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

http://rhn.redhat.com/errata/RHSA-2015-0854.html

http://rhn.redhat.com/errata/RHSA-2015-0857.html

http://rhn.redhat.com/errata/RHSA-2015-0858.html

http://rhn.redhat.com/errata/RHSA-2015-1006.html

http://rhn.redhat.com/errata/RHSA-2015-1007.html

http://rhn.redhat.com/errata/RHSA-2015-1020.html

http://rhn.redhat.com/errata/RHSA-2015-1021.html

http://rhn.redhat.com/errata/RHSA-2015-1091.html

http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html

http://www.securityfocus.com/bid/74083

http://www.securitytracker.com/id/1032120

http://www-01.ibm.com/support/docview.wss?uid=swg21883640

https://security.gentoo.org/glsa/201603-11

Details

Source: MITRE

Published: 2015-04-16

Updated: 2020-09-08

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (34 total)

IDNameProductFamilySeverity
700650Oracle Java SE 5 < Update 85 / 6 < Update 95 / 7 < Update 79 / 8 < Update 45 Multiple Vulnerabilities (April 2015 CPU) (FREAK)Nessus Network MonitorWeb Clients
critical
119972SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:2192-1) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
119967SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:1161-1) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
89904GLSA-201603-11 : Oracle JRE/JDK: Multiple vulnerabilities (Logjam)NessusGentoo Local Security Checks
critical
87914SUSE SLES10 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0113-1) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
87404SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2015:2168-2) (FREAK)NessusSuSE Local Security Checks
critical
87277SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:2216-1) (FREAK)NessusSuSE Local Security Checks
critical
87200SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2015:2182-1) (FREAK)NessusSuSE Local Security Checks
critical
87181SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2015:2168-1) (FREAK)NessusSuSE Local Security Checks
critical
87180SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2015:2166-1) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
84441SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1086-4) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
84425SUSE SLES10 Security Update : IBM Java (SUSE-SU-2015:1138-1) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
84423SUSE SLES11 Security Update : Java (SUSE-SU-2015:1086-3) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
84337SUSE SLES11 Security Update : IBM Java (SUSE-SU-2015:1086-2) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
84286SUSE SLES11 Security Update : IBM Java (SUSE-SU-2015:1086-1) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
84285SUSE SLES10 Security Update : IBM Java (SUSE-SU-2015:1085-1) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
84143RHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:1091) (Bar Mitzvah)NessusRed Hat Local Security Checks
critical
84087AIX Java Advisory : java_april2015_advisory.asc (Bar Mitzvah) (FREAK)NessusAIX Local Security Checks
critical
83754RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2015:1021) (Bar Mitzvah)NessusRed Hat Local Security Checks
critical
83753RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2015:1020) (Bar Mitzvah)NessusRed Hat Local Security Checks
critical
83433RHEL 5 : java-1.7.0-ibm (RHSA-2015:1007) (Bar Mitzvah)NessusRed Hat Local Security Checks
critical
83432RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2015:1006) (Bar Mitzvah)NessusRed Hat Local Security Checks
critical
83287SuSE 11.3 Security Update : java-1_7_0-openjdk (SAT Patch Number 10621)NessusSuSE Local Security Checks
critical
83107openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2015-332)NessusSuSE Local Security Checks
critical
83106openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2015-331)NessusSuSE Local Security Checks
critical
82910RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2015:0858)NessusRed Hat Local Security Checks
critical
82909RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2015:0857)NessusRed Hat Local Security Checks
critical
82897RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2015:0854)NessusRed Hat Local Security Checks
critical
82821Oracle Java SE Multiple Vulnerabilities (April 2015 CPU) (Unix) (FREAK)NessusMisc.
critical
82820Oracle Java SE Multiple Vulnerabilities (April 2015 CPU) (FREAK)NessusWindows
critical
8751Oracle Java SE 5 < Update 82 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
critical
8750Oracle Java SE 6 < Update 92 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
critical
8749Oracle Java SE 7 < Update 77 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
critical
8748Oracle Java SE 8 < Update 41 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
critical