10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
9.6 High
AI Score
Confidence
High
0.286 Low
EPSS
Percentile
96.9%
An unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can cause denial of service or obtain sensitive information. These vulnerabilities can be exploited remotely via an unknown vectors.
Technical details
Vulnerabilities related to CORBA, Libraries, RMI, Serialization, 2D, JavaFX, Deployment, JAXP, JGSS and Security subcomponents.
Public exploits exist for this vulnerability.
CVE-2015-4843 critical
CVE-2015-4842 warning
CVE-2015-4840 warning
CVE-2015-4860 critical
CVE-2015-4844 critical
CVE-2015-4916 warning
CVE-2015-4883 critical
CVE-2015-4734 warning
CVE-2015-4881 critical
CVE-2015-4810 high
CVE-2015-4835 critical
CVE-2015-4872 warning
CVE-2015-4908 warning
CVE-2015-4871 high
CVE-2015-4906 warning
CVE-2015-4911 warning
CVE-2015-4893 warning
CVE-2015-4902 warning
CVE-2015-4903 warning
CVE-2015-4868 high
CVE-2015-4882 warning
CVE-2015-4901 critical
CVE-2015-4806 high
CVE-2015-4805 critical
CVE-2015-4803 warning
Update to the latest version
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Loss of integrity. Exploitation of vulnerabilities with this impact can lead to partial system fault or system components connection disruption.
www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html#AppendixJAVA
statistics.securelist.com/
threats.kaspersky.com/en/product/Oracle-Java-JDK-1.7.x/
threats.kaspersky.com/en/product/Oracle-Java-JDK-1.8.x-3/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.7.x/
threats.kaspersky.com/en/product/Oracle-Java-JRE-1.8.x/