CVE-2015-2638

HIGH

Description

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.

References

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html

http://rhn.redhat.com/errata/RHSA-2015-1241.html

http://rhn.redhat.com/errata/RHSA-2015-1242.html

http://rhn.redhat.com/errata/RHSA-2015-1243.html

http://rhn.redhat.com/errata/RHSA-2015-1485.html

http://rhn.redhat.com/errata/RHSA-2015-1486.html

http://rhn.redhat.com/errata/RHSA-2015-1488.html

http://rhn.redhat.com/errata/RHSA-2015-1544.html

http://rhn.redhat.com/errata/RHSA-2015-1604.html

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.securityfocus.com/bid/75833

http://www.securitytracker.com/id/1032910

https://security.gentoo.org/glsa/201603-11

Details

Source: MITRE

Published: 2015-07-16

Updated: 2018-01-05

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 10

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 10

Severity: HIGH

Vulnerable Software

Configuration 1

cpe:2.3:a:oracle:jdk:1.6.0:update_95:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update_75:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update_80:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update_33:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update_45:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_95:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_75:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_80:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_33:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_45:*:*:*:*:*:*

Configuration 2

cpe:2.3:a:oracle:javafx:2.2.80:*:*:*:*:*:*:*

Tenable Plugins

View all (23 total)

ID	Name	Product	Family	Severity
700651	Oracle Java SE Multiple 6 < Update 101 / 7 < Update 85 / 8 < Update 51 Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah)	Nessus Network Monitor	Web Clients	critical
119969	SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:1345-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
89904	GLSA-201603-11 : Oracle JRE/JDK: Multiple vulnerabilities (Logjam)	Nessus	Gentoo Local Security Checks	critical
8918	Oracle Java SE 6 < Update 101 / 7 < Update 85 / 8 < Update 51 Multiple Vulnerabilities	Nessus Network Monitor	Web Clients	critical
85869	SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2015:1509-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85447	AIX Java Advisory : java_july2015_advisory.asc (Logjam)	Nessus	AIX Local Security Checks	critical
85379	SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:1375-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85373	RHEL 5 / 6 : Red Hat Satellite IBM Java Runtime (RHSA-2015:1604) (Logjam)	Nessus	Red Hat Local Security Checks	critical
85238	RHEL 5 / 6 : java-1.5.0-ibm (RHSA-2015:1544) (Logjam)	Nessus	Red Hat Local Security Checks	critical
85214	SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2015:1331-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85213	SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2015:1329-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85153	SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2015:1320-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85152	SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2015:1319-1) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85002	openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2015-512) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
85001	openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2015-511) (Bar Mitzvah) (Logjam)	Nessus	SuSE Local Security Checks	critical
84978	RHEL 5 : java-1.7.0-ibm (RHSA-2015:1488) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84956	RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2015:1486) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84955	RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2015:1485) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84873	RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2015:1243) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84872	RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2015:1242) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84871	RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2015:1241) (Bar Mitzvah) (Logjam)	Nessus	Red Hat Local Security Checks	critical
84825	Oracle Java SE Multiple Vulnerabilities (July 2015 CPU) (Unix) (Bar Mitzvah)	Nessus	Misc.	critical
84824	Oracle Java SE Multiple Vulnerabilities (July 2015 CPU) (Bar Mitzvah)	Nessus	Windows	critical