rpm package
suse/java-1_7_0-ibm&distro=SUSE Linux Enterprise Server 11 SP3
pkg:rpm/suse/java-1_7_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3
Vulnerabilities (50)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-4734 | — | < 1.7.0_sr9.20-42.1 | 1.7.0_sr9.20-42.1 | Oct 21, 2015 | Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS. | ||
| CVE-2015-4760 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
| CVE-2015-4749 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI. | ||
| CVE-2015-4748 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security. | ||
| CVE-2015-4733 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. | ||
| CVE-2015-4732 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590. | ||
| CVE-2015-4731 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. | ||
| CVE-2015-4729 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment. | ||
| CVE-2015-2664 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
| CVE-2015-2638 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
| CVE-2015-2637 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D. | ||
| CVE-2015-2632 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D. | ||
| CVE-2015-2625 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE. | ||
| CVE-2015-2621 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX. | ||
| CVE-2015-2619 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D. | ||
| CVE-2015-2613 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE. | ||
| CVE-2015-2601 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE. | ||
| CVE-2015-2590 | Cri | 9.8 | KEV | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 16, 2015 | Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732. |
| CVE-2015-0192 | — | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | Jul 2, 2015 | Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine. | ||
| CVE-2015-4000 | Low | 3.7 | < 1.7.0_sr9.10-9.1 | 1.7.0_sr9.10-9.1 | May 21, 2015 | The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by D |
- CVE-2015-4734Oct 21, 2015affected < 1.7.0_sr9.20-42.1fixed 1.7.0_sr9.20-42.1
Unspecified vulnerability in Oracle Java SE 6u101, 7u85 and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality via vectors related to JGSS.
- CVE-2015-4760Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
- CVE-2015-4749Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect availability via vectors related to JNDI.
- CVE-2015-4748Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Security.
- CVE-2015-4733Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.
- CVE-2015-4732Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-2590.
- CVE-2015-4731Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; Java SE Embedded 7u75; and Java SE Embedded 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.
- CVE-2015-4729Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Deployment.
- CVE-2015-2664Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
- CVE-2015-2638Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
- CVE-2015-2637Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JavaFX 2.2.80; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
- CVE-2015-2632Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
- CVE-2015-2625Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45; JRockit R28.3.6; and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JSSE.
- CVE-2015-2621Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33, allows remote attackers to affect confidentiality via vectors related to JMX.
- CVE-2015-2619Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, JavaFX 2.2.80, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via unknown vectors related to 2D.
- CVE-2015-2613Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 7u80 and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
- CVE-2015-2601Jul 16, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, JRockit R28.3.6, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality via vectors related to JCE.
- affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
- CVE-2015-0192Jul 2, 2015affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.
- affected < 1.7.0_sr9.10-9.1fixed 1.7.0_sr9.10-9.1
The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by D
Page 2 of 3