Information disclosure in Ibm Java

CVE-2015-1914

IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vectors related to the Java Virtual Machine.

Vulnerability class: Information Disclosure

EPSS: 0.002 (44.1th percentile) — read the EPSS interpretation.

Affected products

Ibm Java
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

RHSA-2015:1007 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
IV72245 (vendor-advisory, x_refsource_AIXAPAR, Vendor Advisory)
RHSA-2015:1006 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
RHSA-2015:1091 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
SUSE-SU-2015:1138 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
RHSA-2015:1020 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
SUSE-SU-2015:1086 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
74645 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
SUSE-SU-2015:1085 (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)