CVE-2015-0192
First published: Thu Jul 02 2015(Updated: )
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM JDK | >=5.0.0.0<5.0.16.10 | |
| IBM JDK | >=6.0.0.0<=6.0.16.4 | |
| IBM JDK | >=6.1.0.0<6.1.8.4 | |
| IBM JDK | >=7.0.0.0<=7.0.9 | |
| IBM JDK | >=7.1.0.0<7.1.2.11 | |
| IBM JDK | >=8.0<8.0.1.0 | |
| Red Hat Enterprise Linux Desktop | =5.0 | |
| Red Hat Enterprise Linux Desktop | =6.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux Server | =5.0 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Server | =6.6 | |
| Red Hat Enterprise Linux Server | =6.6 | |
| Red Hat Enterprise Linux Server | =7.1 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.4 | |
| Red Hat Enterprise Linux Server | =7.5 | |
| Red Hat Enterprise Linux Workstation | =5.0 | |
| Red Hat Enterprise Linux Workstation | =6.0 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| SUSE Linux Enterprise Server | =10-sp4 | |
| SUSE Linux Enterprise Server | =11-sp1 | |
| SUSE Linux Enterprise Server | =11-sp2 | |
| SUSE Linux Enterprise Server | =12 | |
| SUSE Linux Enterprise Software Development Kit | =12 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
- http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html
- http://rhn.redhat.com/errata/RHSA-2015-1006.html
- http://rhn.redhat.com/errata/RHSA-2015-1007.html
- http://rhn.redhat.com/errata/RHSA-2015-1020.html
- http://rhn.redhat.com/errata/RHSA-2015-1021.html
- http://rhn.redhat.com/errata/RHSA-2015-1091.html
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682
- http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683
- http://www-01.ibm.com/support/docview.wss?uid=swg21883640
Frequently Asked Questions
What is the severity of CVE-2015-0192?
CVE-2015-0192 is classified as a high-severity vulnerability that allows remote attackers to gain privileges.
How do I fix CVE-2015-0192?
To fix CVE-2015-0192, it is recommended to upgrade to the latest versions of IBM Java and apply all relevant security patches.
Which versions of IBM Java are affected by CVE-2015-0192?
CVE-2015-0192 affects IBM Java versions prior to SR1 for 8, SR2 FP11 for 7, and various versions for 6 and 5.0.
Who is affected by CVE-2015-0192?
Organizations using affected versions of IBM Java, particularly on Red Hat and SUSE Linux systems, are at risk.
What is the impact of CVE-2015-0192?
The impact of CVE-2015-0192 can lead to unauthorized privilege escalation for remote attackers.
- agent/type
- agent/references
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm jdk
- version/ibm jdk/5.0.0.0
- version/ibm jdk/6.0.0.0
- version/ibm jdk/6.0.16.4
- version/ibm jdk/6.1.0.0
- version/ibm jdk/7.0.0.0
- version/ibm jdk/7.0.9
- version/ibm jdk/7.1.0.0
- version/ibm jdk/8.0
- vendor/redhat
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/5.0
- version/red hat enterprise linux desktop/6.0
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/5.0
- version/red hat enterprise linux server/6.0
- version/red hat enterprise linux server/7.0
- version/red hat enterprise linux server/6.6
- version/red hat enterprise linux server/7.1
- version/red hat enterprise linux server/7.2
- version/red hat enterprise linux server/7.3
- version/red hat enterprise linux server/7.4
- version/red hat enterprise linux server/7.5
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/5.0
- version/red hat enterprise linux workstation/6.0
- version/red hat enterprise linux workstation/7.0
- vendor/suse
- canonical/suse linux enterprise server
- version/suse linux enterprise server/10-sp4
- version/suse linux enterprise server/11-sp1
- version/suse linux enterprise server/11-sp2
- version/suse linux enterprise server/12
- canonical/suse linux enterprise software development kit
- version/suse linux enterprise software development kit/12