CVE-2015-1931 – JDK: plain text data stored in memory dumps
https://notcve.org/view.php?id=CVE-2015-1931
IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file. IBM Java Security Components en IBM SDK, Java Technology Edition 8 versiones anteriores a SR1 FP10, 7 R1 anteriores a SR3 FP10, 7 anteriores a SR9 FP10, 6 R1 anteriores a SR8 FP7, 6 anteriores a SR16 FP7, y 5.0 anteriores a SR16 FP13, almacena información de texto plano en volcados de memoria, lo que permite a usuarios locales obtener información confidencial al leer un archivo • http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00051.html http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00014.html http://rhn.redhat.com/errata/RHSA-2015-1485.html http://rhn.redhat.com/errata/RHSA-2015-1486.html http://rhn.redhat.com/errata/RHSA-2015-1488.html http://rhn.redhat.com/errata/RHSA-2015-1544.html http://rhn.redhat.com/errata/RHSA-2015-1604.html http://www-01.ibm.com/support/docview.wss?uid=swg1IV75182 http://www-01.ibm • CWE-312: Cleartext Storage of Sensitive Information •