CVE-2015-1914 — MEDIUM (5.0)

Q: How severe is CVE-2015-1914?

CVE-2015-1914 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-1914?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Java.

Vulnerability Description

IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vectors related to the Java Virtual Machine.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Ibm	Java	>= 5.0.0.0, < 5.0.16.10

Related Weaknesses (CWE)

CWE-200

References

http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.htmlMailing ListThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1006.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1007.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1020.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1021.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1091.htmlThird Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21883640Vendor Advisory
http://www.securityfocus.com/bid/74645Third Party AdvisoryVDB Entry
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.htmlMailing ListThird Party Advisory

FAQ

What is CVE-2015-1914?

CVE-2015-1914 is a vulnerability with a CVSS score of 5.0 (MEDIUM). IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vect...

How severe is CVE-2015-1914?

CVE-2015-1914 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-1914?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Java.