CVSS: 5.8EPSS: 0%CPEs: 8EXPL: 0CVE-2015-0480 – OpenJDK: jar directory traversal issues (Tools, 8064601)
https://notcve.org/view.php?id=CVE-2015-0480
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity and availability via unknown vectors related to Tools. Vulnerabilidad no especificada en Oracle Java SE 5.0u81, 6u91, 7u76, y 8u40 permite a atacantes remotos afectar la integridad y la disponibilidad a través de vectores desconocidos relacionados con Tools. A directory traversal flaw was found in the way the jar tool extracted JAR archive files. A specially crafted JAR archive could cause jar to overwrite arbitrary files writable by the user running jar when the archive was extracted. • http://advisories.mageia.org/MGASA-2015-0158.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html http:/ • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.0EPSS: 1%CPEs: 13EXPL: 0CVE-2015-0400
https://notcve.org/view.php?id=CVE-2015-0400
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad a través de vectores desconocidos relacionados con Libraries. • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html http://marc.info/?l=bugtraq&m=142496355704097&w=2 http://marc.info/?l=bugtraq&m=142607790919348&w=2 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html http://www.securi •
CVSS: 6.9EPSS: 0%CPEs: 7EXPL: 0CVE-2015-0403 – JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)
https://notcve.org/view.php?id=CVE-2015-0403
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos relacionados con Deployment. • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html http://marc.info/?l=bugtraq&m=142496355704097&w=2 http://marc.info/?l=bugtraq&m=142607790919348&w=2 http://rhn.redhat.com/errata/RHSA-2015-0079.html http://rhn.redhat.com/errata/RHSA-2015-0080.html http://rhn.redhat.com/errata/RHSA-2015-0086.html http://rhn.redhat.com/errata/RHSA-2015-0264.html http://www.oracle. •
CVSS: 5.8EPSS: 1%CPEs: 7EXPL: 0CVE-2015-0406 – JDK: unspecified vulnerability fixed in 6u91, 7u75 and 8u31 (Deployment)
https://notcve.org/view.php?id=CVE-2015-0406
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment. Vulnerabilidad no especificada en Oracle Java SE 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad y la disponibilidad a través de vectores desconocidos relacionados con Deployment. • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html http://marc.info/?l=bugtraq&m=142496355704097&w=2 http://marc.info/?l=bugtraq&m=142607790919348&w=2 http://rhn.redhat.com/errata/RHSA-2015-0079.html http://rhn.redhat.com/errata/RHSA-2015-0080.html http://rhn.redhat.com/errata/RHSA-2015-0086.html http://rhn.redhat.com/errata/RHSA-2015-0264.html http://www.oracle. •
CVSS: 10.0EPSS: 2%CPEs: 20EXPL: 0CVE-2015-0408 – OpenJDK: incorrect context class loader use in RMI transport (RMI, 8055309)
https://notcve.org/view.php?id=CVE-2015-0408
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. Vulnerabilidad no especificada en Oracle Java SE 5.0u75, 6u85, 7u72, y 8u25 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores relacionados con RMI. An improper permission check issue was discovered in the RMI component in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. • http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581 http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html http://marc.info/?l=bugtraq&m=142496355704097&w=2 http://marc.info/?l=bugtraq&m=142607790919348&w=2 http://rhn.redhat.com/errata/RHSA-2015-0068.html http://rhn.redhat.com/errata/RHSA& •