Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10683
HistoryOct 20, 2015 - 12:00 a.m.

KLA10683 Multiple vulnerabilities in Oracle Java SE

2015-10-2000:00:00
Kaspersky Lab
threats.kaspersky.com
89

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.6 High

AI Score

Confidence

High

0.286 Low

EPSS

Percentile

96.9%

JSON

An unspecified vulnerabilities were found in Oracle Java SE. By exploiting these vulnerabilities malicious users can cause denial of service or obtain sensitive information. These vulnerabilities can be exploited remotely via an unknown vectors.

Technical details

Vulnerabilities related to CORBA, Libraries, RMI, Serialization, 2D, JavaFX, Deployment, JAXP, JGSS and Security subcomponents.

Original advisories

Oracle bulletin

Exploitation

Public exploits exist for this vulnerability.

Related products

Oracle-Java-JRE-1.7.x

Oracle-Java-JDK-1.7.x

Oracle-Java-JDK-1.8.x-3

Oracle-Java-JRE-1.8.x

CVE list

CVE-2015-4843 critical

CVE-2015-4842 warning

CVE-2015-4840 warning

CVE-2015-4860 critical

CVE-2015-4844 critical

CVE-2015-4916 warning

CVE-2015-4883 critical

CVE-2015-4734 warning

CVE-2015-4881 critical

CVE-2015-4810 high

CVE-2015-4835 critical

CVE-2015-4872 warning

CVE-2015-4908 warning

CVE-2015-4871 high

CVE-2015-4906 warning

CVE-2015-4911 warning

CVE-2015-4893 warning

CVE-2015-4902 warning

CVE-2015-4903 warning

CVE-2015-4868 high

CVE-2015-4882 warning

CVE-2015-4901 critical

CVE-2015-4806 high

CVE-2015-4805 critical

CVE-2015-4803 warning

Solution

Update to the latest version

Get Java

Impacts

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • LoI

Loss of integrity. Exploitation of vulnerabilities with this impact can lead to partial system fault or system components connection disruption.

Affected Products

  • Oracle Java SE 6u101, 7u85 and 8u60Oracle Java SE Embedded 8u51Oracle Java SE 6u101, 7u85 and 8u60Oracle Java SE Embedded 8u51

Related

freebsd 1
nessus 55
archlinux 6
f5 2
suse 17
ibm 21
openvas 48
amazon 3
redhat 12
ubuntu 2
veracode 19
centos 4
debian 3
oraclelinux 4
aix 1
mageia 1
freebsd
freebsd
java -- multiple vulnerabilities
2015-10-20 00:00:00
nessus
nessus
FreeBSD : java -- multiple vulnerabilities (a5934ba8-a376-11e5-85e9-14dae9d210b8)
2015-12-16 00:00:00
openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2015-696)
2015-11-05 00:00:00
RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2015:1926)
2015-10-23 00:00:00
archlinux
archlinux
jre8-openjdk-headless: multiple issues
2015-10-23 00:00:00
jdk8-openjdk: multiple issues
2015-10-23 00:00:00
jdk7-openjdk: multiple issues
2015-10-23 00:00:00
f5
f5
Multiple Java vulnerabilities
2015-11-26 18:23:00
SOL05200155 - Multiple Java vulnerabilities
2015-11-26 00:00:00
suse
suse
Security update for java-1_8_0-openjdk (important)
2015-11-04 17:12:12
Security update for java-1_7_0-openjdk (important)
2015-11-04 17:12:29
Security update for java-1_8_0-ibm (important)
2015-12-14 17:10:33
ibm
ibm
Security Bulletin: October 2015 Java Platform Standard Edition Vulnerabilities in Multiple N Series Products
2018-06-18 00:32:30
Security Bulletin: Multiple Java Vulnerabilities fixed in IBM Security Directory Server
2018-06-16 21:39:03
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Security Guardium
2018-06-16 21:38:46
openvas
openvas
Oracle: Security Advisory (ELSA-2015-1921)
2015-10-22 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:1874-1)
2021-04-19 00:00:00
Oracle Java SE JRE Multiple Unspecified Vulnerabilities-02 (Oct 2015) - Linux
2015-10-27 00:00:00
amazon
amazon
Critical: java-1.7.0-openjdk
2015-10-27 13:52:00
Important: java-1.6.0-openjdk
2015-12-14 10:00:00
Important: java-1.8.0-openjdk
2015-10-27 16:39:00
redhat
redhat
(RHSA-2015:1928) Important: java-1.6.0-sun security update
2015-10-22 18:21:17
(RHSA-2015:1926) Critical: java-1.8.0-oracle security update
2015-10-22 18:19:40
(RHSA-2015:2086) Important: java-1.6.0-openjdk security update
2015-11-18 00:00:00
ubuntu
ubuntu
OpenJDK 7 vulnerabilities
2015-10-28 00:00:00
OpenJDK 6 vulnerabilities
2015-12-03 00:00:00
veracode
veracode
Authentication Bypass
2019-05-02 05:19:32
Authentication Bypass
2019-05-02 05:19:33
Authentication Bypass
2019-05-02 05:19:33
centos
centos
java security update
2015-10-21 23:13:49
java security update
2015-11-18 19:46:16
java security update
2015-10-21 23:14:14
debian
debian
[SECURITY] [DLA 346-1] openjdk-6 security update
2015-11-24 08:56:52
[SECURITY] [DSA 3381-1] openjdk-7 security update
2015-10-27 21:21:20
[SECURITY] [DSA 3381-2] openjdk-7 security update
2015-11-01 22:21:57
oraclelinux
oraclelinux
java-1.6.0-openjdk security update
2015-11-18 00:00:00
java-1.7.0-openjdk security update
2015-10-21 00:00:00
java-1.7.0-openjdk security update
2015-10-21 00:00:00
aix
aix
Multiple vulnerabilities in IBM Java SDK affect AIX
2015-12-10 08:51:54
mageia
mageia
Updated java-1.8.0-openjdk packages fix security vulnerabilities
2015-10-25 19:34:48

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

9.6 High

AI Score

Confidence

High

0.286 Low

EPSS

Percentile

96.9%

JSON
Related for KLA10683
freebsd1nessus55archlinux6f52suse17ibm21openvas48amazon3redhat12ubuntu2veracode19centos4debian3oraclelinux4aix1mageia1