Search for vulnerabilities
Vulnerability details: VCID-phzg-xuxt-aaad
Vulnerability ID VCID-phzg-xuxt-aaad
Aliases CVE-2015-0408
Summary Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-0408.html
rhas Critical https://access.redhat.com/errata/RHSA-2015:0067
rhas Important https://access.redhat.com/errata/RHSA-2015:0068
rhas Important https://access.redhat.com/errata/RHSA-2015:0069
rhas Critical https://access.redhat.com/errata/RHSA-2015:0079
rhas Critical https://access.redhat.com/errata/RHSA-2015:0080
rhas Important https://access.redhat.com/errata/RHSA-2015:0085
rhas Important https://access.redhat.com/errata/RHSA-2015:0086
rhas Critical https://access.redhat.com/errata/RHSA-2015:0133
rhas Critical https://access.redhat.com/errata/RHSA-2015:0134
rhas Critical https://access.redhat.com/errata/RHSA-2015:0135
rhas Important https://access.redhat.com/errata/RHSA-2015:0136
rhas Low https://access.redhat.com/errata/RHSA-2015:0263
rhas Low https://access.redhat.com/errata/RHSA-2015:0264
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02296 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02506 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02506 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02506 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.02506 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.08182 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.09938 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.09938 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.09938 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.09938 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.09938 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.09938 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.09938 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.09938 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.09938 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
epss 0.1246 https://api.first.org/data/v1/epss?cve=CVE-2015-0408
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=1183023
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2015-0408
generic_textual Medium https://ubuntu.com/security/notices/USN-2486-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2487-1
cvssv3.1 5.3 http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Reference id Reference type URL
http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04583581
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2015-02/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00018.html
http://marc.info/?l=bugtraq&m=142496355704097&w=2
http://marc.info/?l=bugtraq&m=142607790919348&w=2
http://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-0408.html
http://rhn.redhat.com/errata/RHSA-2015-0068.html
http://rhn.redhat.com/errata/RHSA-2015-0079.html
http://rhn.redhat.com/errata/RHSA-2015-0080.html
http://rhn.redhat.com/errata/RHSA-2015-0085.html
http://rhn.redhat.com/errata/RHSA-2015-0086.html
http://rhn.redhat.com/errata/RHSA-2015-0136.html
http://rhn.redhat.com/errata/RHSA-2015-0264.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0408.json
https://api.first.org/data/v1/epss?cve=CVE-2015-0408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6585
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6587
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6591
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6593
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6601
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0383
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0395
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0407
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0408
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0410
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0412
https://exchange.xforce.ibmcloud.com/vulnerabilities/100142
https://security.gentoo.org/glsa/201507-14
https://security.gentoo.org/glsa/201603-14
https://ubuntu.com/security/notices/USN-2486-1
https://ubuntu.com/security/notices/USN-2487-1
https://www-304.ibm.com/support/docview.wss?uid=swg21695474
http://www.debian.org/security/2015/dsa-3144
http://www.debian.org/security/2015/dsa-3147
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
http://www.securityfocus.com/bid/72140
http://www.securitytracker.com/id/1031580
http://www.ubuntu.com/usn/USN-2486-1
http://www.ubuntu.com/usn/USN-2487-1
http://www.vmware.com/security/advisories/VMSA-2015-0003.html
1183023 https://bugzilla.redhat.com/show_bug.cgi?id=1183023
cpe:2.3:a:oracle:jdk:1.5.0:update75:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.5.0:update75:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.6.0:update85:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update85:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update72:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update25:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.5.0:update75:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.5.0:update75:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update85:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update85:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update72:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update72:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update25:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*
cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
CVE-2015-0408 https://nvd.nist.gov/vuln/detail/CVE-2015-0408
RHSA-2015:0067 https://access.redhat.com/errata/RHSA-2015:0067
RHSA-2015:0068 https://access.redhat.com/errata/RHSA-2015:0068
RHSA-2015:0069 https://access.redhat.com/errata/RHSA-2015:0069
RHSA-2015:0079 https://access.redhat.com/errata/RHSA-2015:0079
RHSA-2015:0080 https://access.redhat.com/errata/RHSA-2015:0080
RHSA-2015:0085 https://access.redhat.com/errata/RHSA-2015:0085
RHSA-2015:0086 https://access.redhat.com/errata/RHSA-2015:0086
RHSA-2015:0133 https://access.redhat.com/errata/RHSA-2015:0133
RHSA-2015:0134 https://access.redhat.com/errata/RHSA-2015:0134
RHSA-2015:0135 https://access.redhat.com/errata/RHSA-2015:0135
RHSA-2015:0136 https://access.redhat.com/errata/RHSA-2015:0136
RHSA-2015:0263 https://access.redhat.com/errata/RHSA-2015:0263
RHSA-2015:0264 https://access.redhat.com/errata/RHSA-2015:0264
USN-2486-1 https://usn.ubuntu.com/2486-1/
USN-2487-1 https://usn.ubuntu.com/2487-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2015-0408
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.89968
EPSS Score 0.02296
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.