English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.108397
Category:General
Title:Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 (Apr 2015) - Linux
Summary:Oracle Java SE JRE is prone to multiple unspecified vulnerabilities.
Description:Summary:
Oracle Java SE JRE is prone to multiple unspecified vulnerabilities.

Vulnerability Insight:
Multiple flaws exist due to:

- An error in the Java Cryptography Extension (JCE) subcomponent's RSA signature
implementation.

- An error in the JSSE subcomponent that is triggered when checking X.509
certificate options.

- An error in the 'ReferenceProcessor::process_discovered_references' function
in share/vm/memory/referenceProcessor.cpp script.

- Two unspecified errors related to the 2D subcomponent.

- An error in the Beans subcomponent related to permissions and resource
loading.

- An off-by-one overflow condition in the functions
'LigatureSubstitutionProcessor::processStateEntry' and
'LigatureSubstitutionProcessor2::processStateEntry' within LigatureSubstProc.cpp
and LigatureSubstProc2.cpp scripts respectively.

- An unspecified error.

Vulnerability Impact:
Successful exploitation will allow attackers
to gain knowledge of potentially sensitive information, conduct
denial-of-service attacks, execute arbitrary code and other unspecified impact.

Affected Software/OS:
Oracle Java SE 5.0 update 81 and prior,
6 update 91 and prior, 7 update 76 and prior, and 8 update 40 and prior on
Linux.

Solution:
Apply the patch from the referenced advisory.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-0491
BugTraq ID: 74094
http://www.securityfocus.com/bid/74094
https://security.gentoo.org/glsa/201603-11
RedHat Security Advisories: RHSA-2015:0854
http://rhn.redhat.com/errata/RHSA-2015-0854.html
RedHat Security Advisories: RHSA-2015:0857
http://rhn.redhat.com/errata/RHSA-2015-0857.html
RedHat Security Advisories: RHSA-2015:0858
http://rhn.redhat.com/errata/RHSA-2015-0858.html
RedHat Security Advisories: RHSA-2015:1006
http://rhn.redhat.com/errata/RHSA-2015-1006.html
RedHat Security Advisories: RHSA-2015:1007
http://rhn.redhat.com/errata/RHSA-2015-1007.html
RedHat Security Advisories: RHSA-2015:1020
http://rhn.redhat.com/errata/RHSA-2015-1020.html
RedHat Security Advisories: RHSA-2015:1021
http://rhn.redhat.com/errata/RHSA-2015-1021.html
RedHat Security Advisories: RHSA-2015:1091
http://rhn.redhat.com/errata/RHSA-2015-1091.html
http://www.securitytracker.com/id/1032120
SuSE Security Announcement: SUSE-SU-2015:0833 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html
SuSE Security Announcement: SUSE-SU-2015:1085 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
SuSE Security Announcement: SUSE-SU-2015:1086 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
SuSE Security Announcement: SUSE-SU-2015:1138 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
SuSE Security Announcement: SUSE-SU-2015:1161 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
SuSE Security Announcement: SUSE-SU-2015:2166 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html
SuSE Security Announcement: SUSE-SU-2015:2168 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html
SuSE Security Announcement: SUSE-SU-2015:2182 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html
SuSE Security Announcement: SUSE-SU-2015:2192 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html
SuSE Security Announcement: SUSE-SU-2015:2216 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html
SuSE Security Announcement: SUSE-SU-2016:0113 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html
SuSE Security Announcement: openSUSE-SU-2015:0773 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html
SuSE Security Announcement: openSUSE-SU-2015:0774 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-0488
BugTraq ID: 74111
http://www.securityfocus.com/bid/74111
Debian Security Information: DSA-3234 (Google Search)
http://www.debian.org/security/2015/dsa-3234
Debian Security Information: DSA-3235 (Google Search)
http://www.debian.org/security/2015/dsa-3235
Debian Security Information: DSA-3316 (Google Search)
http://www.debian.org/security/2015/dsa-3316
http://www.mandriva.com/security/advisories?name=MDVSA-2015:212
RedHat Security Advisories: RHSA-2015:0806
http://rhn.redhat.com/errata/RHSA-2015-0806.html
RedHat Security Advisories: RHSA-2015:0807
http://rhn.redhat.com/errata/RHSA-2015-0807.html
RedHat Security Advisories: RHSA-2015:0808
http://rhn.redhat.com/errata/RHSA-2015-0808.html
RedHat Security Advisories: RHSA-2015:0809
http://rhn.redhat.com/errata/RHSA-2015-0809.html
http://www.ubuntu.com/usn/USN-2573-1
http://www.ubuntu.com/usn/USN-2574-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-0480
BugTraq ID: 74104
http://www.securityfocus.com/bid/74104
Common Vulnerability Exposure (CVE) ID: CVE-2015-0478
BugTraq ID: 74147
http://www.securityfocus.com/bid/74147
http://www.securitytracker.com/id/1035517
Common Vulnerability Exposure (CVE) ID: CVE-2015-0477
BugTraq ID: 74119
http://www.securityfocus.com/bid/74119
Common Vulnerability Exposure (CVE) ID: CVE-2015-0469
BugTraq ID: 74072
http://www.securityfocus.com/bid/74072
Common Vulnerability Exposure (CVE) ID: CVE-2015-0460
BugTraq ID: 74097
http://www.securityfocus.com/bid/74097
Common Vulnerability Exposure (CVE) ID: CVE-2015-0459
BugTraq ID: 74083
http://www.securityfocus.com/bid/74083
CopyrightCopyright (C) 2015 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.