Fluid Attacks Database

Description

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4803 and CVE-2015-4911.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
rpm rhel5	java-1.6.0-openjdk	<1:1.6.0.37-1.13.9.4.el5_11	1:1.6.0.37-1.13.9.4.el5_11
rpm rhel7	java-1.7.0-openjdk	<1:1.7.0.91-2.6.2.1.el7_1	1:1.7.0.91-2.6.2.1.el7_1
rpm rhel5	java-1.7.0-openjdk	<1:1.7.0.91-2.6.2.1.el5_11	1:1.7.0.91-2.6.2.1.el5_11
rpm rhel6	java-1.7.0-openjdk	<1:1.7.0.91-2.6.2.2.el6_7	1:1.7.0.91-2.6.2.2.el6_7
rpm rhel7	java-1.8.0-openjdk	<1:1.8.0.65-2.b17.el7_1	1:1.8.0.65-2.b17.el7_1
rpm rhel6	java-1.8.0-openjdk	<1:1.8.0.65-0.b17.el6_7	1:1.8.0.65-0.b17.el6_7
rpm rhel6	java-1.5.0-ibm	-	-
rpm rhel5	java-1.5.0-ibm	-	-
rpm rhel6	java-1.6.0-openjdk	<1:1.6.0.37-1.13.9.4.el6_7	1:1.6.0.37-1.13.9.4.el6_7
rpm rhel7	java-1.6.0-openjdk	<1:1.6.0.37-1.13.9.4.el7_1	1:1.6.0.37-1.13.9.4.el7_1

Aliases

1. CVE-2015-48932. NVD-2015-48933. OSV-2015-4893

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.