Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
Novell
  • Suse Linux Enterprise Desktop
  • Suse Linux Enterprise Server
Opensuse
  • Opensuse
Oracle
  • Jdk
  • Jre
Redhat
  • Enterprise Linux
  • Network Satellite
  • Rhel Extras
  • Rhel Extras Oracle Java

Configuration 1 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:oracle:jdk:1.6.0:update85:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update85:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update72:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:*
Package CPE Advisory Released Date
Oracle Java for Red Hat Enterprise Linux 5
java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el5_11 cpe:/a:redhat:rhel_extras_oracle_java:5 RHSA-2015:0079 2015-01-22T00:00:00Z
java-1.6.0-sun-1:1.6.0.91-1jpp.1.el5_11 cpe:/a:redhat:rhel_extras_oracle_java:5 RHSA-2015:0086 2015-01-26T00:00:00Z
Oracle Java for Red Hat Enterprise Linux 6
java-1.7.0-oracle-1:1.7.0.75-1jpp.1.el6 cpe:/a:redhat:rhel_extras_oracle_java:6 RHSA-2015:0079 2015-01-22T00:00:00Z
java-1.8.0-oracle-1:1.8.0.31-1jpp.1.el6 cpe:/a:redhat:rhel_extras_oracle_java:6 RHSA-2015:0080 2015-01-22T00:00:00Z
java-1.6.0-sun-1:1.6.0.91-1jpp.1.el6 cpe:/a:redhat:rhel_extras_oracle_java:6 RHSA-2015:0086 2015-01-26T00:00:00Z
Oracle Java for Red Hat Enterprise Linux 7
java-1.7.0-oracle-1:1.7.0.75-1jpp.2.el7 cpe:/a:redhat:rhel_extras_oracle_java:7 RHSA-2015:0079 2015-01-22T00:00:00Z
java-1.6.0-sun-1:1.6.0.91-1jpp.1.el7 cpe:/a:redhat:rhel_extras_oracle_java:7 RHSA-2015:0086 2015-01-26T00:00:00Z
Red Hat Enterprise Linux 5
java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el5_11 cpe:/o:redhat:enterprise_linux:5 RHSA-2015:0068 2015-01-20T00:00:00Z
java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el5_11 cpe:/o:redhat:enterprise_linux:5 RHSA-2015:0085 2015-01-26T00:00:00Z
Red Hat Enterprise Linux 5 Supplementary
java-1.7.0-ibm-1:1.7.0.8.10-1jpp.4.el5 cpe:/a:redhat:rhel_extras:5 RHSA-2015:0134 2015-02-05T00:00:00Z
java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el5 cpe:/a:redhat:rhel_extras:5 RHSA-2015:0135 2015-02-05T00:00:00Z
Red Hat Enterprise Linux 6
java-1.7.0-openjdk-1:1.7.0.75-2.5.4.0.el6_6 cpe:/o:redhat:enterprise_linux:6 RHSA-2015:0067 2015-01-21T00:00:00Z
java-1.8.0-openjdk-1:1.8.0.31-1.b13.el6_6 cpe:/o:redhat:enterprise_linux:6 RHSA-2015:0069 2015-01-21T00:00:00Z
java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el6_6 cpe:/o:redhat:enterprise_linux:6 RHSA-2015:0085 2015-01-26T00:00:00Z
Red Hat Enterprise Linux 7
java-1.7.0-openjdk-1:1.7.0.75-2.5.4.2.el7_0 cpe:/o:redhat:enterprise_linux:7 RHSA-2015:0067 2015-01-21T00:00:00Z
java-1.6.0-openjdk-1:1.6.0.34-1.13.6.1.el7_0 cpe:/o:redhat:enterprise_linux:7 RHSA-2015:0085 2015-01-26T00:00:00Z
Red Hat Satellite 5.6
java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6 cpe:/a:redhat:network_satellite:5.6::el5 RHSA-2015:0264 2015-02-24T00:00:00Z
Red Hat Satellite 5.7
java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6 cpe:/a:redhat:network_satellite:5.7::el6 RHSA-2015:0263 2015-02-24T00:00:00Z
Supplementary for Red Hat Enterprise Linux 6
java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el6_6 cpe:/a:redhat:rhel_extras:6 RHSA-2015:0133 2015-02-05T00:00:00Z
java-1.6.0-ibm-1:1.6.0.16.3-1jpp.1.el6_6 cpe:/a:redhat:rhel_extras:6 RHSA-2015:0135 2015-02-05T00:00:00Z
Supplementary for Red Hat Enterprise Linux 7
java-1.7.1-ibm-1:1.7.1.2.10-1jpp.3.el7_0 cpe:/a:redhat:rhel_extras:7 RHSA-2015:0133 2015-02-05T00:00:00Z
References
Link Providers
http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html cve-icon cve-icon
http://marc.info/?l=bugtraq&m=142496355704097&w=2 cve-icon cve-icon
http://marc.info/?l=bugtraq&m=142607790919348&w=2 cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2015-0068.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2015-0079.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2015-0080.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2015-0085.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2015-0086.html cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2015-0264.html cve-icon cve-icon
http://www.debian.org/security/2015/dsa-3144 cve-icon cve-icon
http://www.debian.org/security/2015/dsa-3147 cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html cve-icon cve-icon
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html#AppendixJAVA cve-icon
http://www.securityfocus.com/bid/72136 cve-icon cve-icon
http://www.securitytracker.com/id/1031580 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-2486-1 cve-icon cve-icon
http://www.ubuntu.com/usn/USN-2487-1 cve-icon cve-icon
http://www.vmware.com/security/advisories/VMSA-2015-0003.html cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/100140 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2015-0412 cve-icon
https://security.gentoo.org/glsa/201507-14 cve-icon cve-icon
https://security.gentoo.org/glsa/201603-14 cve-icon cve-icon
https://www-304.ibm.com/support/docview.wss?uid=swg21695474 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2015-0412 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: oracle

Published: 2015-01-21T19:00:00

Updated: 2024-08-06T04:10:10.443Z

Reserved: 2014-12-17T00:00:00

Link: CVE-2015-0412

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2015-01-21T19:59:01.123

Modified: 2022-05-13T14:57:20.827

Link: CVE-2015-0412

cve-icon Redhat

Severity : Critical

Publid Date: 2015-01-20T00:00:00Z

Links: CVE-2015-0412 - Bugzilla