{ "id": "CVE-2015-4803", "sourceIdentifier": "secalert_us@oracle.com", "published": "2015-10-21T21:59:20.927", "lastModified": "2022-05-13T14:38:26.367", "vulnStatus": "Modified", "evaluatorComment": "Per LINK: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service.", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911." }, { "lang": "es", "value": "Vulnerabilidad no especificada en Oracle Java SE 6u101, 7u85 y 8u60; Java SE Embedded 8u51 y JRockit R28.3.7 permite a atacantes remotos afectar a la disponibilidad a trav\u00e9s de vectores relacionados con JAXP, una vulnerabilidad diferente a CVE-2015-4893 y CVE-2015-4911." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 10.0, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-noinfo" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:jrockit:r28.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "27BBEF93-7B3E-48C5-84B8-606C6257F020" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*", "matchCriteriaId": "3CB2A0A4-F70C-4161-9504-781E49925180" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*", "matchCriteriaId": "8D5A88F0-6F37-402F-8153-92B4D4083313" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*", "matchCriteriaId": "E5D9CEF0-6DE9-4886-91B9-3AEDD6E5A24E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*", "matchCriteriaId": "5AB1B679-623A-4ADE-B235-A35EFCA0CC9F" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*", "matchCriteriaId": "9907A48A-6F6A-47C9-86AD-0834E1CB30E7" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*", "matchCriteriaId": "63A5916F-9EDC-48E3-A3D3-9BF98CD5BC63" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*", "matchCriteriaId": "4B7E7C40-2A96-45AC-BBB6-1E6C07A466A3" }, { "vulnerable": true, "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*", "matchCriteriaId": "15C71821-E1E2-4083-92FF-C0FE10443556" } ] } ] } ], "references": [ { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html", "source": "secalert_us@oracle.com" }, { "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html", "source": "secalert_us@oracle.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1919.html", "source": "secalert_us@oracle.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1920.html", "source": "secalert_us@oracle.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1921.html", "source": "secalert_us@oracle.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1926.html", "source": "secalert_us@oracle.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1927.html", "source": "secalert_us@oracle.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-1928.html", "source": "secalert_us@oracle.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-2506.html", "source": "secalert_us@oracle.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-2507.html", "source": "secalert_us@oracle.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-2508.html", "source": "secalert_us@oracle.com" }, { "url": "http://rhn.redhat.com/errata/RHSA-2015-2509.html", "source": "secalert_us@oracle.com" }, { "url": "http://www.debian.org/security/2015/dsa-3381", "source": "secalert_us@oracle.com" }, { "url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "source": "secalert_us@oracle.com", "tags": [ "Vendor Advisory" ] }, { "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "source": "secalert_us@oracle.com" }, { "url": "http://www.securityfocus.com/bid/77200", "source": "secalert_us@oracle.com" }, { "url": "http://www.securitytracker.com/id/1033884", "source": "secalert_us@oracle.com" }, { "url": "http://www.ubuntu.com/usn/USN-2784-1", "source": "secalert_us@oracle.com" }, { "url": "http://www.ubuntu.com/usn/USN-2827-1", "source": "secalert_us@oracle.com" }, { "url": "https://access.redhat.com/errata/RHSA-2016:1430", "source": "secalert_us@oracle.com" }, { "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10141", "source": "secalert_us@oracle.com" }, { "url": "https://security.gentoo.org/glsa/201603-11", "source": "secalert_us@oracle.com" }, { "url": "https://security.gentoo.org/glsa/201603-14", "source": "secalert_us@oracle.com" } ] }