Searching
..

Click anywhere to stop

KLA10447
Multiple vulnerabilities in Java SE

Updated: 01/22/2024
Detect date
?
01/13/2015
Severity
?
Critical
Description

Multiple serious vulnerabilities have been found in Oracle products. Malicious users can exploit these vulnerabilities to cause loss of integrity, denial of service and obtain sensitive information.

Below is a complete list of vulnerabilities

  1. Vectors relsted to Swing, Hotspot, JAX-WS, Deployment, Serviceability, Libraries, Security, 2D and installation process can be exploited remotely or locally via unspecified vulnerabilities;
  2. Vectors related to OpenSSL can be exploited via a padding oracle attack.
Affected products

Oracle Java SE versions 5u75, 6u85, 7u72 and 8u25
Oracle Java SE Embeded 7u71 and 8u6
JRockit 27.8.4 and 28.3.4

Solution

Update to latest version
Get JRockit
Get Java SE

Original advisories

Oracle advisory

Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

WLF 
[?]

PE 
[?]

LoI 
[?]
Related products
Oracle Java JRE 1.7.x
Oracle Java JDK 1.7.x
Oracle Java JDK 1.8.x
Oracle Java JRE 1.8.x
Oracle JRockit
CVE-IDS
?
CVE-2015-04005.0Warning
CVE-2015-04131.9Warning
CVE-2015-04075.0Warning
CVE-2015-04127.2High
CVE-2015-04036.9High
CVE-2015-03835.4High
CVE-2014-65934.0Warning
CVE-2015-04379.3Critical
CVE-2014-35664.3Warning
CVE-2014-65852.6Warning
CVE-2015-04216.9High
CVE-2015-04105.0Warning
CVE-2014-65912.6Warning
CVE-2015-03959.3Critical
CVE-2014-65874.3Warning
CVE-2015-04065.8High
Exploitation

Public exploits exist for this vulnerability.

Find out the statistics of the vulnerabilities spreading in your region