CVE-2015-0478

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 14-04-2015 02:00

Last modified: - 14-04-2015 02:00

Total changes: - 218

Description

CVE-2015-0478 OpenJDK: insufficient hardening of RSA-CRT implementation (JCE, 8071726)

Common Vulnerability Scoring System (CVSS)

AV:N/AC:H/Au:N/C:P/I:N/A:N

High

Attack complexity

Network

Attack vector

None

Availability

Low

Confidentiality

None

Integrity

Privileges required

Scope

User interaction

2.6

Base score

Exploitability score

Impact score

Verification logic

AND

product=java-1.7.0-oracle-1 AND versionEndExcluding=1.7.0.79-1jpp.1.el5_11

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=5

AND

product=java-1.6.0-sun-1 AND versionEndExcluding=1.6.0.95-1jpp.3.el5_11

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=5

AND

product=java-1.8.0-oracle-1 AND versionEndExcluding=1.8.0.45-1jpp.2.el6_6

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=6

AND

product=java-1.7.0-oracle-1 AND versionEndExcluding=1.7.0.79-1jpp.1.el6_6

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=6

AND

product=java-1.6.0-sun-1 AND versionEndExcluding=1.6.0.95-1jpp.3.el6_6

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=6

AND

product=java-1.8.0-oracle-1 AND versionEndExcluding=1.8.0.45-1jpp.2.el7_1

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=7

AND

product=java-1.7.0-oracle-1 AND versionEndExcluding=1.7.0.79-1jpp.1.el7_1

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=7

AND

product=java-1.6.0-sun-1 AND versionEndExcluding=1.6.0.95-1jpp.3.el7_1

vendor=Red Hat Enterprise Linux AND product=rhel_extras_oracle_java AND version=7

AND

product=java-1.7.0-openjdk-1 AND versionEndExcluding=1.7.0.79-2.5.5.2.el5_11

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

AND

product=java-1.6.0-openjdk-1 AND versionEndExcluding=1.6.0.35-1.13.7.1.el5_11

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=5

AND

product=java-1.6.0-ibm-1 AND versionEndExcluding=1.6.0.16.4-1jpp.1.el5

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=5

AND

product=java-1.7.0-ibm-1 AND versionEndExcluding=1.7.0.9.0-1jpp.1.el5

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=5

AND

product=java-1.5.0-ibm-1 AND versionEndExcluding=1.5.0.16.10-1jpp.1.el5

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=5

AND

product=java-1.7.0-openjdk-1 AND versionEndExcluding=1.7.0.79-2.5.5.1.el6_6

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=6

AND

product=java-1.6.0-openjdk-1 AND versionEndExcluding=1.6.0.35-1.13.7.1.el6_6

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=6

AND

product=java-1.8.0-openjdk-1 AND versionEndExcluding=1.8.0.45-28.b13.el6_6

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=6

AND

product=java-1.7.0-openjdk-1 AND versionEndExcluding=1.7.0.79-2.5.5.1.ael7b_1

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=7

AND

product=java-1.6.0-openjdk-1 AND versionEndExcluding=1.6.0.35-1.13.7.1.el7_1

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=7

AND

product=java-1.8.0-openjdk-1 AND versionEndExcluding=1.8.0.45-30.b13.ael7b_1

vendor=Red Hat Enterprise Linux AND product=enterprise_linux AND version=7

AND

product=java-1.6.0-ibm-1 AND versionEndExcluding=1.6.0.16.4-1jpp.1.el6_6

vendor=Red Hat Enterprise Linux AND product=network_satellite AND version=5.6

AND

product=java-1.6.0-ibm-1 AND versionEndExcluding=1.6.0.16.4-1jpp.1.el6_6

vendor=Red Hat Enterprise Linux AND product=network_satellite AND version=5.7

AND

product=java-1.6.0-ibm-1 AND versionEndExcluding=1.6.0.16.4-1jpp.1.el6_6

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=6

AND

product=java-1.7.1-ibm-1 AND versionEndExcluding=1.7.1.3.0-1jpp.2.el6_6

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=6

AND

product=java-1.5.0-ibm-1 AND versionEndExcluding=1.5.0.16.10-1jpp.1.el6_6

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=6

AND

product=java-1.7.1-ibm-1 AND versionEndExcluding=1.7.1.3.0-1jpp.2.el7_1

vendor=Red Hat Enterprise Linux AND product=rhel_extras AND version=7

Reference

Keywords

CVE-2015-0478

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

REDHAT

CVE-2015-0478

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures