CVE-2015-0460

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html	Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0807.html
http://rhn.redhat.com/errata/RHSA-2015-0809.html
http://rhn.redhat.com/errata/RHSA-2015-0808.html
http://rhn.redhat.com/errata/RHSA-2015-0806.html
http://www.debian.org/security/2015/dsa-3234
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html
http://www.mandriva.com/security/advisories?name=MDVSA-2015:212
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html
http://advisories.mageia.org/MGASA-2015-0158.html
http://www.debian.org/security/2015/dsa-3235
http://www.securityfocus.com/bid/74097
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html
https://security.gentoo.org/glsa/201603-11
http://www.ubuntu.com/usn/USN-2574-1
http://www.ubuntu.com/usn/USN-2573-1
http://www.securitytracker.com/id/1032120
http://rhn.redhat.com/errata/RHSA-2015-0858.html
http://rhn.redhat.com/errata/RHSA-2015-0857.html
http://rhn.redhat.com/errata/RHSA-2015-0854.html
http://www.debian.org/security/2015/dsa-3316

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:jdk:1.8.0:update40::::::
	cpe:2.3:a:oracle:jdk:1.5.0:update8::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update91::::::
	cpe:2.3:a:oracle:jdk:1.7.0:update76::::::
	cpe:2.3:a:oracle:jre:1.5.0:update81::::::
	cpe:2.3:a:oracle:jre:1.6.0:update91::::::
	cpe:2.3:a:oracle:jre:1.7.0:update76::::::
	cpe:2.3:a:oracle:jre:1.8.0:update40::::::

Information

Published : 2015-04-16 09:59

Updated : 2022-05-13 07:57

NVD link : CVE-2015-0460

Mitre link : CVE-2015-0460

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

oracle

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0807.html", "name": "RHSA-2015:0807", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0809.html", "name": "RHSA-2015:0809", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0808.html", "name": "RHSA-2015:0808", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0806.html", "name": "RHSA-2015:0806", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.debian.org/security/2015/dsa-3234", "name": "DSA-3234", "tags": [], "refsource": "DEBIAN"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html", "name": "openSUSE-SU-2015:0774", "tags": [], "refsource": "SUSE"}, {"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:212", "name": "MDVSA-2015:212", "tags": [], "refsource": "MANDRIVA"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html", "name": "openSUSE-SU-2015:0773", "tags": [], "refsource": "SUSE"}, {"url": "http://advisories.mageia.org/MGASA-2015-0158.html", "name": "http://advisories.mageia.org/MGASA-2015-0158.html", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.debian.org/security/2015/dsa-3235", "name": "DSA-3235", "tags": [], "refsource": "DEBIAN"}, {"url": "http://www.securityfocus.com/bid/74097", "name": "74097", "tags": [], "refsource": "BID"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html", "name": "SUSE-SU-2015:0833", "tags": [], "refsource": "SUSE"}, {"url": "https://security.gentoo.org/glsa/201603-11", "name": "GLSA-201603-11", "tags": [], "refsource": "GENTOO"}, {"url": "http://www.ubuntu.com/usn/USN-2574-1", "name": "USN-2574-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://www.ubuntu.com/usn/USN-2573-1", "name": "USN-2573-1", "tags": [], "refsource": "UBUNTU"}, {"url": "http://www.securitytracker.com/id/1032120", "name": "1032120", "tags": [], "refsource": "SECTRACK"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0858.html", "name": "RHSA-2015:0858", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html", "name": "RHSA-2015:0857", "tags": [], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html", "name": "RHSA-2015:0854", "tags": [], "refsource": "REDHAT"}, {"url": "http://www.debian.org/security/2015/dsa-3316", "name": "DSA-3316", "tags": [], "refsource": "DEBIAN"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-0460", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-04-16T16:59Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:update40:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.5.0:update8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update91:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update76:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.5.0:update81:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update91:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update76:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:update40:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-05-13T14:57Z"}

9.3 /10