CVE-2015-4871

MEDIUM

Description

Unspecified vulnerability in Oracle Java SE 7u85 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.

References

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html

http://rhn.redhat.com/errata/RHSA-2015-1927.html

http://rhn.redhat.com/errata/RHSA-2015-2506.html

http://rhn.redhat.com/errata/RHSA-2015-2507.html

http://rhn.redhat.com/errata/RHSA-2015-2509.html

http://rhn.redhat.com/errata/RHSA-2016-0053.html

http://rhn.redhat.com/errata/RHSA-2016-0054.html

http://www.debian.org/security/2015/dsa-3381

http://www.debian.org/security/2015/dsa-3401

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.securityfocus.com/bid/77238

http://www.securitytracker.com/id/1033884

http://www.ubuntu.com/usn/USN-2818-1

https://access.redhat.com/errata/RHSA-2016:1430

https://security.gentoo.org/glsa/201603-11

https://security.gentoo.org/glsa/201603-14

Details

Source: MITRE

Published: 2015-10-21

Updated: 2016-12-24

Risk Information

CVSS v2.0

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (37 total)

IDNameProductFamilySeverity
700652Oracle Java SE 6 < Update 105 / 7 < Update 91 / 8 < Update 65 Multiple Vulnerabilities (October 2015 CPU)Nessus Network MonitorWeb Clients
critical
119972SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2015:2192-1) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
92400RHEL 5 / 6 : java-1.7.0-ibm and java-1.7.1-ibm (RHSA-2016:1430) (SLOTH)NessusRed Hat Local Security Checks
critical
9352Oracle Java SE 6 < Update 105 / 7 < Update 91 / 8 < Update 65 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
critical
89907GLSA-201603-14 : IcedTea: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
89904GLSA-201603-11 : Oracle JRE/JDK: Multiple vulnerabilities (Logjam)NessusGentoo Local Security Checks
critical
88655Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-643) (SLOTH)NessusAmazon Linux Local Security Checks
critical
88541openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-115) (SLOTH)NessusSuSE Local Security Checks
critical
88540openSUSE Security Update : Java7 (openSUSE-2016-110) (SLOTH)NessusSuSE Local Security Checks
critical
88538openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-107) (SLOTH)NessusSuSE Local Security Checks
critical
88486SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0269-1) (SLOTH)NessusSuSE Local Security Checks
critical
88485SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0265-1) (SLOTH)NessusSuSE Local Security Checks
critical
88080Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20160121) (SLOTH)NessusScientific Linux Local Security Checks
critical
88079Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x, SL7.x i386/x86_64 (20160121) (SLOTH)NessusScientific Linux Local Security Checks
critical
88073RHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0054) (SLOTH)NessusRed Hat Local Security Checks
critical
88072RHEL 6 : java-1.7.0-openjdk (RHSA-2016:0053) (SLOTH)NessusRed Hat Local Security Checks
critical
88071Oracle Linux 5 / 7 : java-1.7.0-openjdk (ELSA-2016-0054) (SLOTH)NessusOracle Linux Local Security Checks
critical
88070Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2016-0053) (SLOTH)NessusOracle Linux Local Security Checks
critical
88063CentOS 5 / 7 : java-1.7.0-openjdk (CESA-2016:0054) (SLOTH)NessusCentOS Local Security Checks
critical
88062CentOS 6 : java-1.7.0-openjdk (CESA-2016:0053) (SLOTH)NessusCentOS Local Security Checks
critical
87914SUSE SLES10 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0113-1) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
87405SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2015:2268-1)NessusSuSE Local Security Checks
critical
87404SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2015:2168-2) (FREAK)NessusSuSE Local Security Checks
critical
87386FreeBSD : java -- multiple vulnerabilities (a5934ba8-a376-11e5-85e9-14dae9d210b8)NessusFreeBSD Local Security Checks
critical
87374AIX Java Advisory : java_oct2015_advisory.asc (October 2015 CPU)NessusAIX Local Security Checks
critical
87277SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2015:2216-1) (FREAK)NessusSuSE Local Security Checks
critical
87200SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2015:2182-1) (FREAK)NessusSuSE Local Security Checks
critical
87181SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2015:2168-1) (FREAK)NessusSuSE Local Security Checks
critical
87180SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2015:2166-1) (Bar Mitzvah) (FREAK)NessusSuSE Local Security Checks
critical
87107Ubuntu 14.04 LTS / 15.04 / 15.10 : openjdk-7 vulnerability (USN-2818-1)NessusUbuntu Local Security Checks
medium
87050RHEL 7 : java-1.8.0-ibm (RHSA-2015:2509)NessusRed Hat Local Security Checks
critical
87048RHEL 5 : java-1.7.0-ibm (RHSA-2015:2507)NessusRed Hat Local Security Checks
critical
87047RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2015:2506)NessusRed Hat Local Security Checks
critical
86998Debian DSA-3401-1 : openjdk-7 - security updateNessusDebian Local Security Checks
medium
86561RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2015:1927)NessusRed Hat Local Security Checks
critical
86543Oracle Java SE Multiple Vulnerabilities (October 2015 CPU) (Unix)NessusMisc.
critical
86542Oracle Java SE Multiple Vulnerabilities (October 2015 CPU)NessusWindows
critical