CVE-2015-4806

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 20-10-2015 02:00

Last modified: - 20-10-2015 02:00

Total changes: - 200

Description

CVE-2015-4806 OpenJDK: HttpURLConnection header restriction bypass (Libraries, 8130193)

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:N/I:P/A:N

Low

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

4.3

Base score

Exploitability score

Impact score

Verification logic

AND

product=java-1.7.0-oracle-1 AND versionEndExcluding=1.7.0.91-1jpp.1.el5_11

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=5

AND

product=java-1.6.0-sun-1 AND versionEndExcluding=1.6.0.105-1jpp.2.el5_11

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=5

AND

product=java-1.8.0-oracle-1 AND versionEndExcluding=1.8.0.65-1jpp.3.el6_7

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=6

AND

product=java-1.7.0-oracle-1 AND versionEndExcluding=1.7.0.91-1jpp.1.el6_7

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=6

AND

product=java-1.6.0-sun-1 AND versionEndExcluding=1.6.0.105-1jpp.2.el6_7

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=6

AND

product=java-1.8.0-oracle-1 AND versionEndExcluding=1.8.0.65-1jpp.3.el7_1

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=7

AND

product=java-1.7.0-oracle-1 AND versionEndExcluding=1.7.0.91-1jpp.1.el7_1

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=7

AND

product=java-1.6.0-sun-1 AND versionEndExcluding=1.6.0.105-1jpp.2.el7_1

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=7

AND

product=java-1.7.0-openjdk-1 AND versionEndExcluding=1.7.0.91-2.6.2.1.el5_11

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

AND

product=java-1.6.0-openjdk-1 AND versionEndExcluding=1.6.0.37-1.13.9.4.el5_11

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

AND

product=java-1.7.0-ibm-1 AND versionEndExcluding=1.7.0.9.20-1jpp.1.el5

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=5

AND

product=java-1.6.0-ibm-1 AND versionEndExcluding=1.6.0.16.15-1jpp.1.el5

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=5

AND

product=java-1.5.0-ibm-1 AND versionEndExcluding=1.5.0.16.14-1jpp.1.el5

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=5

AND

product=java-1.8.0-openjdk-1 AND versionEndExcluding=1.8.0.65-0.b17.el6_7

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=6

AND

product=java-1.7.0-openjdk-1 AND versionEndExcluding=1.7.0.91-2.6.2.2.el6_7

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=6

AND

product=java-1.6.0-openjdk-1 AND versionEndExcluding=1.6.0.37-1.13.9.4.el6_7

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=6

AND

product=java-1.7.1-ibm-1 AND versionEndExcluding=1.7.1.3.20-1jpp.1.el6_7

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=6

AND

product=java-1.6.0-ibm-1 AND versionEndExcluding=1.6.0.16.15-1jpp.1.el6_7

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=6

AND

product=java-1.5.0-ibm-1 AND versionEndExcluding=1.5.0.16.14-1jpp.1.el6_7

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=6

AND

product=java-1.8.0-openjdk-1 AND versionEndExcluding=1.8.0.65-2.b17.ael7b_1

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=7

AND

product=java-1.7.0-openjdk-1 AND versionEndExcluding=1.7.0.91-2.6.2.1.el7_1

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=7

AND

product=java-1.6.0-openjdk-1 AND versionEndExcluding=1.6.0.37-1.13.9.4.el7_1

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=7

AND

product=java-1.7.1-ibm-1 AND versionEndExcluding=1.7.1.3.20-1jpp.1.el7

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=7

AND

product=java-1.8.0-ibm-1 AND versionEndExcluding=1.8.0.2.0-1jpp.1.el7

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=7

AND

product=java-1.7.0-ibm-1 AND versionEndExcluding=1.7.0.9.40-1jpp.1.el5

vendor=Red Hat Enterprise Linux AND product=network_satellite AND version=5.6

AND

product=java-1.7.1-ibm-1 AND versionEndExcluding=1.7.1.3.40-1jpp.1.el6_7

vendor=Red Hat Enterprise Linux AND product=network_satellite AND version=5.6

AND

product=spacewalk-java-0 AND versionEndExcluding=2.0.2-109.el6sat

vendor=Red Hat Enterprise Linux AND product=network_satellite AND version=5.6

AND

product=java-1.7.1-ibm-1 AND versionEndExcluding=1.7.1.3.40-1jpp.1.el6_7

vendor=Red Hat Enterprise Linux AND product=network_satellite AND version=5.7

AND

product=spacewalk-java-0 AND versionEndExcluding=2.3.8-146.el6sat

vendor=Red Hat Enterprise Linux AND product=network_satellite AND version=5.7

Reference

Keywords

CVE-2015-4806

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

REDHAT

CVE-2015-4806

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures