Unrated severityNVD Advisory· Published Jan 23, 2020· Updated Aug 6, 2024

CVE-2015-1931

Description

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.

Affected products

IBM SDK/Java Technology Editiondescription
osv-coords19 versions
pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2012 pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP1-LTSS pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP1-TERADATA pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3 pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3 pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3 pkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSS pkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3 pkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA pkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3 pkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3 pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012 pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012 pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4 pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
< 1.6.0_sr16.7-22.2+ 18 more
- (no CPE)range: < 1.6.0_sr16.7-22.2
- (no CPE)range: < 1.6.0_sr16.7-10.1
- (no CPE)range: < 1.6.0_sr16.7-10.1
- (no CPE)range: < 1.6.0_sr16.7-10.1
- (no CPE)range: < 1.6.0_sr16.7-10.1
- (no CPE)range: < 1.6.0_sr16.7-10.1
- (no CPE)range: < 1.6.0_sr16.7-10.1
- (no CPE)range: < 1.6.0_sr16.7-10.1
- (no CPE)range: < 1.7.0_sr9.10-9.1
- (no CPE)range: < 1.7.0_sr9.10-9.1
- (no CPE)range: < 1.7.0_sr9.10-9.1
- (no CPE)range: < 1.7.0_sr9.10-9.1
- (no CPE)range: < 1.7.0_sr9.10-9.1
- (no CPE)range: < 1.7.1_sr3.10-3.1
- (no CPE)range: < 1.7.1_sr3.10-14.1
- (no CPE)range: < 1.7.1_sr3.10-3.1
- (no CPE)range: < 1.7.1_sr3.10-14.1
- (no CPE)range: < 1.7.1_sr3.10-3.1
- (no CPE)range: < 1.7.1_sr3.10-14.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.opensuse.org/opensuse-security-announce/2015-07/msg00051.htmlmitrex_refsource_MISC
lists.opensuse.org/opensuse-security-announce/2015-09/msg00014.htmlmitrex_refsource_MISC
rhn.redhat.com/errata/RHSA-2015-1485.htmlmitrex_refsource_MISC
rhn.redhat.com/errata/RHSA-2015-1486.htmlmitrex_refsource_MISC
rhn.redhat.com/errata/RHSA-2015-1488.htmlmitrex_refsource_MISC
rhn.redhat.com/errata/RHSA-2015-1544.htmlmitrex_refsource_MISC
rhn.redhat.com/errata/RHSA-2015-1604.htmlmitrex_refsource_MISC
www-01.ibm.com/support/docview.wssmitrex_refsource_MISC
www-01.ibm.com/support/docview.wssmitrex_refsource_MISC
www.securityfocus.com/bid/75985mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000