CVE-2015-0192 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2015-0192?

CVE-2015-0192 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-0192?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Java, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.

Vulnerability Description

Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.

CVSS Score

7.5

HIGH

AV:N/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Ibm	Java	>= 5.0.0.0, < 5.0.16.10
Redhat	Enterprise Linux Desktop	5.0
Redhat	Enterprise Linux Server	5.0
Redhat	Enterprise Linux Server Aus	6.6
Redhat	Enterprise Linux Server Eus	6.6
Redhat	Enterprise Linux Workstation	5.0
Suse	Linux Enterprise Server	10
Suse	Linux Enterprise Software Development Kit	12

References

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.htmlMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1006.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1007.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1020.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1021.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1091.htmlThird Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21883640Vendor Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.htmlMailing ListThird Party Advisory

FAQ

What is CVE-2015-0192?

CVE-2015-0192 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via ...

How severe is CVE-2015-0192?

CVE-2015-0192 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-0192?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Java, Redhat Enterprise Linux Desktop, Redhat Enterprise Linux Server, Redhat Enterprise Linux Server Aus, Redhat Enterprise Linux Server Eus.