rpm package
suse/java-1_7_0-openjdk&distro=SUSE Linux Enterprise Desktop 12
pkg:rpm/suse/java-1_7_0-openjdk&distro=SUSE%20Linux%20Enterprise%20Desktop%2012
Vulnerabilities (80)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2015-0478 | — | < 1.7.0.79-15.1 | 1.7.0.79-15.1 | Apr 16, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE. | ||
| CVE-2015-0477 | — | < 1.7.0.79-15.1 | 1.7.0.79-15.1 | Apr 16, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans. | ||
| CVE-2015-0469 | — | < 1.7.0.79-15.1 | 1.7.0.79-15.1 | Apr 16, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D. | ||
| CVE-2015-0460 | — | < 1.7.0.79-15.1 | 1.7.0.79-15.1 | Apr 16, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
| CVE-2015-0459 | — | < 1.7.0.79-15.1 | 1.7.0.79-15.1 | Apr 16, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491. | ||
| CVE-2015-0458 | — | < 1.7.0.79-15.1 | 1.7.0.79-15.1 | Apr 16, 2015 | Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||
| CVE-2015-2808 | — | < 1.7.0.85-18.2 | 1.7.0.85-18.2 | Apr 1, 2015 | The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing | ||
| CVE-2015-0412 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS. | ||
| CVE-2015-0410 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security. | ||
| CVE-2015-0408 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. | ||
| CVE-2015-0407 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing. | ||
| CVE-2015-0400 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries. | ||
| CVE-2015-0395 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
| CVE-2015-0383 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot. | ||
| CVE-2014-6601 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||
| CVE-2014-6593 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE. | ||
| CVE-2014-6591 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585. | ||
| CVE-2014-6587 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries. | ||
| CVE-2014-6585 | — | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Jan 21, 2015 | Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591. | ||
| CVE-2014-3566 | Low | 3.4 | < 1.7.0.75-11.3 | 1.7.0.75-11.3 | Oct 15, 2014 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue. |
- CVE-2015-0478Apr 16, 2015affected < 1.7.0.79-15.1fixed 1.7.0.79-15.1
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JRockit R28.3.5, allows remote attackers to affect confidentiality via vectors related to JCE.
- CVE-2015-0477Apr 16, 2015affected < 1.7.0.79-15.1fixed 1.7.0.79-15.1
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect integrity via unknown vectors related to Beans.
- CVE-2015-0469Apr 16, 2015affected < 1.7.0.79-15.1fixed 1.7.0.79-15.1
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
- CVE-2015-0460Apr 16, 2015affected < 1.7.0.79-15.1fixed 1.7.0.79-15.1
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
- CVE-2015-0459Apr 16, 2015affected < 1.7.0.79-15.1fixed 1.7.0.79-15.1
Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.
- CVE-2015-0458Apr 16, 2015affected < 1.7.0.79-15.1fixed 1.7.0.79-15.1
Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.
- CVE-2015-2808Apr 1, 2015affected < 1.7.0.85-18.2fixed 1.7.0.85-18.2
The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing
- CVE-2015-0412Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.
- CVE-2015-0410Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.
- CVE-2015-0408Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.
- CVE-2015-0407Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Swing.
- CVE-2015-0400Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.
- CVE-2015-0395Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
- CVE-2015-0383Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.
- CVE-2014-6601Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.
- CVE-2014-6593Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit 27.8.4 and 28.3.4 allows remote attackers to affect confidentiality and integrity via vectors related to JSSE.
- CVE-2014-6591Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in the Java SE component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6585.
- CVE-2014-6587Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Libraries.
- CVE-2014-6585Jan 21, 2015affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to 2D, a different vulnerability than CVE-2014-6591.
- affected < 1.7.0.75-11.3fixed 1.7.0.75-11.3
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Page 4 of 4