CVE-2015-0484 - Vulnerability Details

Vendors	Products
Opensuse	Opensuse
Oracle	Javafx Jdk Jre
Redhat	Rhel Extras Oracle Java
Suse	Linux Enterprise Server

Package	CPE	Advisory	Released Date
Oracle Java for Red Hat Enterprise Linux 5
java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11	cpe:/a:redhat:rhel_extras_oracle_java:5	RHSA-2015:0857	2015-04-20T00:00:00Z
Oracle Java for Red Hat Enterprise Linux 6
java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6	cpe:/a:redhat:rhel_extras_oracle_java:6	RHSA-2015:0854	2015-04-17T00:00:00Z
java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6	cpe:/a:redhat:rhel_extras_oracle_java:6	RHSA-2015:0857	2015-04-20T00:00:00Z
Oracle Java for Red Hat Enterprise Linux 7
java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1	cpe:/a:redhat:rhel_extras_oracle_java:7	RHSA-2015:0854	2015-04-17T00:00:00Z
java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1	cpe:/a:redhat:rhel_extras_oracle_java:7	RHSA-2015:0857	2015-04-20T00:00:00Z

Link	Providers
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html
http://rhn.redhat.com/errata/RHSA-2015-0854.html
http://rhn.redhat.com/errata/RHSA-2015-0857.html
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA
http://www.securityfocus.com/bid/74135
http://www.securitytracker.com/id/1032120
https://nvd.nist.gov/vuln/detail/CVE-2015-0484
https://security.gentoo.org/glsa/201603-11
https://www.cve.org/CVERecord?id=CVE-2015-0484

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-14T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-30T16:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "RHSA-2015:0857", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"}, {"name": "SUSE-SU-2015:0833", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"name": "1032120", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032120"}, {"name": "GLSA-201603-11", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201603-11"}, {"name": "openSUSE-SU-2015:0773", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"}, {"name": "74135", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/74135"}, {"name": "openSUSE-SU-2015:0774", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"}, {"name": "RHSA-2015:0854", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2015-0484", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2015:0857", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"}, {"name": "SUSE-SU-2015:0833", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"name": "1032120", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032120"}, {"name": "GLSA-201603-11", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-11"}, {"name": "openSUSE-SU-2015:0773", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"}, {"name": "74135", "refsource": "BID", "url": "http://www.securityfocus.com/bid/74135"}, {"name": "openSUSE-SU-2015:0774", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"}, {"name": "RHSA-2015:0854", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:10:11.029Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2015:0857", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"}, {"name": "SUSE-SU-2015:0833", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"name": "1032120", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1032120"}, {"name": "GLSA-201603-11", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201603-11"}, {"name": "openSUSE-SU-2015:0773", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"}, {"name": "74135", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/74135"}, {"name": "openSUSE-SU-2015:0774", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"}, {"name": "RHSA-2015:0854", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2015-0484", "datePublished": "2015-04-16T16:00:00", "dateReserved": "2014-12-17T00:00:00", "dateUpdated": "2024-08-06T04:10:11.029Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2015-04-14T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2016-12-30T16:57:01 (string)

orgId : 43595867-4340-4103-b7a2-9a5208d29a85 (string)

shortName : oracle (string)

}

references : [ »

0 : { »

name : RHSA-2015:0857 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-0857.html (string)

}

1 : { »

name : SUSE-SU-2015:0833 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html (string)

}

3 : { »

name : 1032120 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

]

url : http://www.securitytracker.com/id/1032120 (string)

}

4 : { »

name : GLSA-201603-11 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

]

url : https://security.gentoo.org/glsa/201603-11 (string)

}

5 : { »

name : openSUSE-SU-2015:0773 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html (string)

}

6 : { »

name : 74135 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/74135 (string)

}

7 : { »

name : openSUSE-SU-2015:0774 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html (string)

}

8 : { »

name : RHSA-2015:0854 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-0854.html (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : secalert_us@oracle.com (string)

ID : CVE-2015-0484 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : RHSA-2015:0857 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2015-0857.html (string)

}

1 : { »

name : SUSE-SU-2015:0833 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html (string)

}

2 : { »

name : http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html (string)

refsource : CONFIRM (string)

url : http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html (string)

}

3 : { »

name : 1032120 (string)

refsource : SECTRACK (string)

url : http://www.securitytracker.com/id/1032120 (string)

}

4 : { »

name : GLSA-201603-11 (string)

refsource : GENTOO (string)

url : https://security.gentoo.org/glsa/201603-11 (string)

}

5 : { »

name : openSUSE-SU-2015:0773 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html (string)

}

6 : { »

name : 74135 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/74135 (string)

}

7 : { »

name : openSUSE-SU-2015:0774 (string)

refsource : SUSE (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html (string)

}

8 : { »

name : RHSA-2015:0854 (string)

refsource : REDHAT (string)

url : http://rhn.redhat.com/errata/RHSA-2015-0854.html (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T04:10:11.029Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

name : RHSA-2015:0857 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-0857.html (string)

}

1 : { »

name : SUSE-SU-2015:0833 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html (string)

}

3 : { »

name : 1032120 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_SECTRACK (string)

2 : x_transferred (string)

]

url : http://www.securitytracker.com/id/1032120 (string)

}

4 : { »

name : GLSA-201603-11 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_GENTOO (string)

2 : x_transferred (string)

]

url : https://security.gentoo.org/glsa/201603-11 (string)

}

5 : { »

name : openSUSE-SU-2015:0773 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html (string)

}

6 : { »

name : 74135 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/74135 (string)

}

7 : { »

name : openSUSE-SU-2015:0774 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_SUSE (string)

2 : x_transferred (string)

]

url : http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html (string)

}

8 : { »

name : RHSA-2015:0854 (string)

tags : [ »

0 : vendor-advisory (string)

1 : x_refsource_REDHAT (string)

2 : x_transferred (string)

]

url : http://rhn.redhat.com/errata/RHSA-2015-0854.html (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 43595867-4340-4103-b7a2-9a5208d29a85 (string)

assignerShortName : oracle (string)

cveId : CVE-2015-0484 (string)

datePublished : 2015-04-16T16:00:00 (string)

dateReserved : 2014-12-17T00:00:00 (string)

dateUpdated : 2024-08-06T04:10:11.029Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update76:*:*:*:*:*:*", "matchCriteriaId": "A2C5FA21-4D3B-4739-92A1-B87A1A63F29B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update40:*:*:*:*:*:*", "matchCriteriaId": "8348D050-22EF-49AC-960A-ADBA1441FFC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.7.0:update76:*:*:*:*:*:*", "matchCriteriaId": "50E5F104-C20F-4E6B-AD70-8FEC1B9A9B46", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jre:1.8.0:update40:*:*:*:*:*:*", "matchCriteriaId": "BB2AF8BC-7643-4CBF-83C0-CA4656AC4FB4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:javafx:2.2.76:*:*:*:*:*:*:*", "matchCriteriaId": "40229F01-B2C6-44EA-8DF8-C316B52F5848", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "8B072472-B463-4647-885D-E40B0115C810", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle Java SE 7u76 y 8u40, y Java FX 2.2.76, permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a trav\u00e9s de vectores desconocidos, una vulnerabilidad diferente a CVE-2015-0492."}], "evaluatorComment": "Per Oracle:  Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. (http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html)", "id": "CVE-2015-0484", "lastModified": "2024-11-21T02:23:10.183", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-04-16T16:59:36.260", "references": [{"source": "secalert_us@oracle.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"}, {"source": "secalert_us@oracle.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"}, {"source": "secalert_us@oracle.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"}, {"source": "secalert_us@oracle.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"}, {"source": "secalert_us@oracle.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/bid/74135"}, {"source": "secalert_us@oracle.com", "url": "http://www.securitytracker.com/id/1032120"}, {"source": "secalert_us@oracle.com", "url": "https://security.gentoo.org/glsa/201603-11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2015-0854.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2015-0857.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/74135"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1032120"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/201603-11"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:oracle:jdk:1.7.0:update76:*:*:*:*:*:* (string)

matchCriteriaId : A2C5FA21-4D3B-4739-92A1-B87A1A63F29B (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:a:oracle:jdk:1.8.0:update40:*:*:*:*:*:* (string)

matchCriteriaId : 8348D050-22EF-49AC-960A-ADBA1441FFC0 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:a:oracle:jre:1.7.0:update76:*:*:*:*:*:* (string)

matchCriteriaId : 50E5F104-C20F-4E6B-AD70-8FEC1B9A9B46 (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:a:oracle:jre:1.8.0:update40:*:*:*:*:*:* (string)

matchCriteriaId : BB2AF8BC-7643-4CBF-83C0-CA4656AC4FB4 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

1 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:oracle:javafx:2.2.76:*:*:*:*:*:*:* (string)

matchCriteriaId : 40229F01-B2C6-44EA-8DF8-C316B52F5848 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

2 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* (string)

matchCriteriaId : 03117DF1-3BEC-4B8D-AD63-DBBDB2126081 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:*:*:* (string)

matchCriteriaId : 8B072472-B463-4647-885D-E40B0115C810 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492. (string)

}

1 : { »

lang : es (string)

value : Vulnerabilidad no especificada en Oracle Java SE 7u76 y 8u40, y Java FX 2.2.76, permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2015-0492. (string)

}

]

evaluatorComment : Per Oracle: Applies to client deployment of Java only. This vulnerability can be exploited only through sandboxed Java Web Start applications and sandboxed Java applets. (http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html) (string)

id : CVE-2015-0484 (string)

lastModified : 2024-11-21T02:23:10.183 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : MEDIUM (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : PARTIAL (string)

baseScore : 6.8 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : PARTIAL (string)

vectorString : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

version : 2.0 (string)

}

exploitabilityScore : 8.6 (number)

impactScore : 6.4 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

}

published : 2015-04-16T16:59:36.260 (string)

references : [ »

0 : { »

source : secalert_us@oracle.com (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html (string)

}

1 : { »

source : secalert_us@oracle.com (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html (string)

}

2 : { »

source : secalert_us@oracle.com (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html (string)

}

3 : { »

source : secalert_us@oracle.com (string)

url : http://rhn.redhat.com/errata/RHSA-2015-0854.html (string)

}

4 : { »

source : secalert_us@oracle.com (string)

url : http://rhn.redhat.com/errata/RHSA-2015-0857.html (string)

}

5 : { »

source : secalert_us@oracle.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html (string)

}

6 : { »

source : secalert_us@oracle.com (string)

url : http://www.securityfocus.com/bid/74135 (string)

}

7 : { »

source : secalert_us@oracle.com (string)

url : http://www.securitytracker.com/id/1032120 (string)

}

8 : { »

source : secalert_us@oracle.com (string)

url : https://security.gentoo.org/glsa/201603-11 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://rhn.redhat.com/errata/RHSA-2015-0854.html (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://rhn.redhat.com/errata/RHSA-2015-0857.html (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/74135 (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securitytracker.com/id/1032120 (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://security.gentoo.org/glsa/201603-11 (string)

}

]

sourceIdentifier : secalert_us@oracle.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : NVD-CWE-noinfo (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2015:0857", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:5", "package": "java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11", "product_name": "Oracle Java for Red Hat Enterprise Linux 5", "release_date": "2015-04-20T00:00:00Z"}, {"advisory": "RHSA-2015:0854", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6", "package": "java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6", "product_name": "Oracle Java for Red Hat Enterprise Linux 6", "release_date": "2015-04-17T00:00:00Z"}, {"advisory": "RHSA-2015:0857", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6", "package": "java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6", "product_name": "Oracle Java for Red Hat Enterprise Linux 6", "release_date": "2015-04-20T00:00:00Z"}, {"advisory": "RHSA-2015:0854", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7", "package": "java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1", "product_name": "Oracle Java for Red Hat Enterprise Linux 7", "release_date": "2015-04-17T00:00:00Z"}, {"advisory": "RHSA-2015:0857", "cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7", "package": "java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1", "product_name": "Oracle Java for Red Hat Enterprise Linux 7", "release_date": "2015-04-20T00:00:00Z"}], "bugzilla": {"description": "JDK: unspecified vulnerability fixed in 7u79 and 8u45 (JavaFX)", "id": "1211773", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211773"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "details": ["Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492."], "name": "CVE-2015-0484", "public_date": "2015-04-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-0484\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-0484\nhttp://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA"], "threat_severity": "Important"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2015:0857 (string)

cpe : cpe:/a:redhat:rhel_extras_oracle_java:5 (string)

package : java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el5_11 (string)

product_name : Oracle Java for Red Hat Enterprise Linux 5 (string)

release_date : 2015-04-20T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2015:0854 (string)

cpe : cpe:/a:redhat:rhel_extras_oracle_java:6 (string)

package : java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el6_6 (string)

product_name : Oracle Java for Red Hat Enterprise Linux 6 (string)

release_date : 2015-04-17T00:00:00Z (string)

}

2 : { »

advisory : RHSA-2015:0857 (string)

cpe : cpe:/a:redhat:rhel_extras_oracle_java:6 (string)

package : java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el6_6 (string)

product_name : Oracle Java for Red Hat Enterprise Linux 6 (string)

release_date : 2015-04-20T00:00:00Z (string)

}

3 : { »

advisory : RHSA-2015:0854 (string)

cpe : cpe:/a:redhat:rhel_extras_oracle_java:7 (string)

package : java-1.8.0-oracle-1:1.8.0.45-1jpp.2.el7_1 (string)

product_name : Oracle Java for Red Hat Enterprise Linux 7 (string)

release_date : 2015-04-17T00:00:00Z (string)

}

4 : { »

advisory : RHSA-2015:0857 (string)

cpe : cpe:/a:redhat:rhel_extras_oracle_java:7 (string)

package : java-1.7.0-oracle-1:1.7.0.79-1jpp.1.el7_1 (string)

product_name : Oracle Java for Red Hat Enterprise Linux 7 (string)

release_date : 2015-04-20T00:00:00Z (string)

}

]

bugzilla : { »

description : JDK: unspecified vulnerability fixed in 7u79 and 8u45 (JavaFX) (string)

id : 1211773 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=1211773 (string)

}

csaw : false (boolean)

cvss : { »

cvss_base_score : 6.8 (string)

cvss_scoring_vector : AV:N/AC:M/Au:N/C:P/I:P/A:P (string)

status : verified (string)

}

details : [ »

0 : Unspecified vulnerability in Oracle Java SE 7u76 and 8u40, and Java FX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0492. (string)

]

name : CVE-2015-0484 (string)

public_date : 2015-04-14T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2015-0484 https://nvd.nist.gov/vuln/detail/CVE-2015-0484 http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixJAVA (string)

]

threat_severity : Important (string)

}

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object