Unrated severityNVD Advisory· Published Oct 21, 2015· Updated May 6, 2026
CVE-2015-4842
CVE-2015-4842
Description
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JAXP.
Affected products
38cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:oracle:jdk:1.6.0:update101:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.7.0:update85:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.8.0:update51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jdk:1.8.0:update60:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:oracle:jre:1.6.0:update_101:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.7.0:update_85:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.8.0:update_51:*:*:*:*:*:*
- cpe:2.3:a:oracle:jre:1.8.0:update_60:*:*:*:*:*:*
- osv-coords30 versionspkg:rpm/opensuse/java-1_7_0-openjdk&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/java-1_8_0-openjdk&distro=openSUSE%20Tumbleweedpkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2012pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/java-1_6_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3pkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP2-LTSSpkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3pkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATApkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP3pkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP3pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP3pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2011%20SP4pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012pkg:rpm/suse/java-1_7_1-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1
< 1.7.0.121-1.1+ 29 more
- (no CPE)range: < 1.7.0.121-1.1
- (no CPE)range: < 1.8.0.111-1.1
- (no CPE)range: < 1.6.0_sr16.15-27.1
- (no CPE)range: < 1.6.0_sr16.15-46.1
- (no CPE)range: < 1.6.0_sr16.15-46.1
- (no CPE)range: < 1.6.0_sr16.15-46.1
- (no CPE)range: < 1.6.0_sr16.15-46.1
- (no CPE)range: < 1.6.0_sr16.15-46.1
- (no CPE)range: < 1.7.0_sr9.20-42.1
- (no CPE)range: < 1.7.0_sr9.20-42.1
- (no CPE)range: < 1.7.0_sr9.20-42.1
- (no CPE)range: < 1.7.0_sr9.20-42.1
- (no CPE)range: < 1.7.0_sr9.20-42.1
- (no CPE)range: < 1.7.0.91-0.14.2
- (no CPE)range: < 1.7.0.91-0.14.2
- (no CPE)range: < 1.7.0.91-21.2
- (no CPE)range: < 1.7.0.91-21.2
- (no CPE)range: < 1.7.0.91-21.2
- (no CPE)range: < 1.7.1_sr3.20-6.1
- (no CPE)range: < 1.7.1_sr3.20-18.1
- (no CPE)range: < 1.7.1_sr3.20-18.1
- (no CPE)range: < 1.7.1_sr3.20-6.1
- (no CPE)range: < 1.7.1_sr3.20-18.1
- (no CPE)range: < 1.7.1_sr3.20-18.1
- (no CPE)range: < 1.7.1_sr3.20-6.1
- (no CPE)range: < 1.7.1_sr3.20-18.1
- (no CPE)range: < 1.7.1_sr3.20-18.1
- (no CPE)range: < 1.8.0_sr2.0-4.1
- (no CPE)range: < 1.8.0_sr2.0-4.1
- (no CPE)range: < 1.8.0_sr2.0-4.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
34- www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlnvdPatchVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1919.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1920.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1921.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1926.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1927.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-1928.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-2506.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-2507.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-2508.htmlnvd
- rhn.redhat.com/errata/RHSA-2015-2509.htmlnvd
- www.debian.org/security/2015/dsa-3381nvd
- www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlnvd
- www.securityfocus.com/bid/77154nvd
- www.securitytracker.com/id/1033884nvd
- www.ubuntu.com/usn/USN-2784-1nvd
- www.ubuntu.com/usn/USN-2827-1nvd
- access.redhat.com/errata/RHSA-2016:1430nvd
- security.gentoo.org/glsa/201603-11nvd
- security.gentoo.org/glsa/201603-14nvd
News mentions
0No linked articles in our index yet.