Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10447
Multiple vulnerabilities in Java SE

Updated: 06/18/2020
Detect date
?
 01/13/2015
Severity
?
 Critical
Description

Multiple serious vulnerabilities have been found in Oracle products. Malicious users can exploit these vulnerabilities to cause loss of integrity, denial of service and obtain sensitive information.

Below is a complete list of vulnerabilities

  1. Vectors relsted to Swing, Hotspot, JAX-WS, Deployment, Serviceability, Libraries, Security, 2D and installation process can be exploited remotely or locally via unspecified vulnerabilities;
  2. Vectors related to OpenSSL can be exploited via a padding oracle attack.
Affected products

Oracle Java SE versions 5u75, 6u85, 7u72 and 8u25
Oracle Java SE Embeded 7u71 and 8u6
JRockit 27.8.4 and 28.3.4
Solution

Update to latest version
Get JRockit
Get Java SE
Original advisories

Oracle advisory
Impacts
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

WLF 
[?]

PE 
[?]

LoI 
[?]
Related products
 Oracle Java JRE 1.7.x
Oracle Java JDK 1.7.x
Oracle Java JDK 1.8.x
Oracle Java JRE 1.8.x
Oracle JRockit
CVE-IDS
?
CVE-2015-04005.0Critical
CVE-2015-04131.9Warning
CVE-2015-04075.0Critical
CVE-2015-04127.2High
CVE-2015-04036.9High
CVE-2015-03835.4High
CVE-2014-65934.0Warning
CVE-2015-04379.3Critical
CVE-2014-35664.3Warning
CVE-2014-65852.6Warning
CVE-2015-04216.9High
CVE-2015-04105.0Critical
CVE-2014-65912.6Warning
CVE-2015-03959.3Critical
CVE-2014-65874.3Warning
CVE-2015-04065.8High
Exploitation

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/38641
Find out the statistics of the vulnerabilities spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up