CVE-2015-3149
25.07.2017, 18:29
The Hotspot component in OpenJDK8 as packaged in Red Hat Enterprise Linux 6 and 7 allows local users to write to arbitrary files via a symlink attack.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | enterprise_linux_desktop | 6.0 |
| redhat | enterprise_linux_desktop | 7.0 |
| redhat | enterprise_linux_hpc_node | 6.0 |
| redhat | enterprise_linux_hpc_node | 7.0 |
| redhat | enterprise_linux_hpc_node_eus | 7.1 |
| redhat | enterprise_linux_server | 6.0 |
| redhat | enterprise_linux_server | 7.0 |
| redhat | enterprise_linux_server_aus | 6.6 |
| redhat | enterprise_linux_server_eus | 6.6z:z |
| redhat | enterprise_linux_server_eus | 7.1 |
| redhat | enterprise_linux_workstation | 6.0 |
| redhat | enterprise_linux_workstation | 7.0 |
𝑥
= Vulnerable software versions
Red Hat Enterprise Linux Releases
Red Hat Product | |||||
|---|---|---|---|---|---|
| java-1.8.0-openjdk |
| ||||
| java-1.8.0-openjdk-accessibility |
| ||||
| java-1.8.0-openjdk-demo |
| ||||
| java-1.8.0-openjdk-devel |
| ||||
| java-1.8.0-openjdk-headless |
| ||||
| java-1.8.0-openjdk-javadoc |
| ||||
| java-1.8.0-openjdk-src |
|