CVE-2015-4860

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI, a different vulnerability than CVE-2015-4883.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 92%
Affected Products (NVD)
VendorProductVersion
oraclejdk
1.6.0
oraclejdk
1.7.0
oraclejdk
1.8.0
oraclejdk
1.8.0
oraclejre
1.6.0
oraclejre
1.7.0
oraclejre
1.8.0
oraclejre
1.8.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openjdk-8
sid
8u432-b06-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openjdk-6
precise
Fixed 6b37-1.13.9-1ubuntu0.12.04.1
released
trusty
Fixed 6b37-1.13.9-1ubuntu0.14.04.1
released
vivid
Fixed 6b37-1.13.9-1ubuntu0.15.04.1
released
wily
Fixed 6b37-1.13.9-1ubuntu0.15.10.1
released
openjdk-7
precise
Fixed 7u85-2.6.1-5ubuntu0.12.04.1
released
trusty
Fixed 7u85-2.6.1-5ubuntu0.14.04.1
released
vivid
Fixed 7u85-2.6.1-5ubuntu0.15.04.1
released
wily
Fixed 7u85-2.6.1-5ubuntu0.15.10.1
released
openjdk-8
precise
dne
trusty
dne
vivid
ignored
wily
Fixed 8u66-b17-1
released
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
java-1_7_0-openjdk
suse enterprise sap 12
1.7.0.91-21.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.91-21.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-demo
suse enterprise sap 12
1.7.0.91-21.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.91-21.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-devel
suse enterprise sap 12
1.7.0.91-21.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.91-21.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_7_0-openjdk-headless
suse enterprise sap 12
1.7.0.91-21.2
fixed
suse enterprise sap 12 SP5
1.7.0.231-43.27.2
fixed
suse enterprise server 12
1.7.0.91-21.2
fixed
suse enterprise server 12 SP5
1.7.0.231-43.27.2
fixed
java-1_8_0-openjdk
suse enterprise sap 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise sap 15
1.8.0.161-1.52
fixed
suse enterprise sap 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise sap 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise sap 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise sap 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise sap 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise sap 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise sap 15 SP7
1.8.0.442-150000.3.103.2
fixed
suse enterprise server 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise server 15
1.8.0.161-1.52
fixed
suse enterprise server 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise server 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise server 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise server 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise server 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise server 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise server 15 SP7
1.8.0.442-150000.3.103.2
fixed
java-1_8_0-openjdk-demo
suse enterprise sap 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise sap 15
1.8.0.161-1.52
fixed
suse enterprise sap 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise sap 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise sap 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise sap 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise sap 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise sap 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise sap 15 SP7
1.8.0.442-150000.3.103.2
fixed
suse enterprise server 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise server 15
1.8.0.161-1.52
fixed
suse enterprise server 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise server 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise server 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise server 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise server 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise server 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise server 15 SP7
1.8.0.442-150000.3.103.2
fixed
java-1_8_0-openjdk-devel
suse enterprise sap 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise sap 15
1.8.0.161-1.52
fixed
suse enterprise sap 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise sap 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise sap 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise sap 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise sap 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise sap 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise sap 15 SP7
1.8.0.442-150000.3.103.2
fixed
suse enterprise server 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise server 15
1.8.0.161-1.52
fixed
suse enterprise server 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise server 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise server 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise server 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise server 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise server 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise server 15 SP7
1.8.0.442-150000.3.103.2
fixed
java-1_8_0-openjdk-headless
suse enterprise sap 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise sap 15
1.8.0.161-1.52
fixed
suse enterprise sap 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise sap 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise sap 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise sap 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise sap 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise sap 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise sap 15 SP7
1.8.0.442-150000.3.103.2
fixed
suse enterprise server 12 SP5
1.8.0.222-27.35.2
fixed
suse enterprise server 15
1.8.0.161-1.52
fixed
suse enterprise server 15 SP1
1.8.0.201-3.16.1
fixed
suse enterprise server 15 SP2
1.8.0.242-3.30.2
fixed
suse enterprise server 15 SP3
1.8.0.282-3.48.1
fixed
suse enterprise server 15 SP4
1.8.0.322-3.64.2
fixed
suse enterprise server 15 SP5
1.8.0.362-150000.3.76.1
fixed
suse enterprise server 15 SP6
1.8.0.412-150000.3.91.1
fixed
suse enterprise server 15 SP7
1.8.0.442-150000.3.103.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
java-1.5.0-ibm
RHEL 6
1:1.5.0.16.14-1jpp.1.el6_7
fixed
java-1.5.0-ibm-demo
RHEL 6
1:1.5.0.16.14-1jpp.1.el6_7
fixed
java-1.5.0-ibm-devel
RHEL 6
1:1.5.0.16.14-1jpp.1.el6_7
fixed
java-1.5.0-ibm-javacomm
RHEL 6
1:1.5.0.16.14-1jpp.1.el6_7
fixed
java-1.5.0-ibm-jdbc
RHEL 6
1:1.5.0.16.14-1jpp.1.el6_7
fixed
java-1.5.0-ibm-plugin
RHEL 6
1:1.5.0.16.14-1jpp.1.el6_7
fixed
java-1.5.0-ibm-src
RHEL 6
1:1.5.0.16.14-1jpp.1.el6_7
fixed
java-1.6.0-ibm
RHEL 6
1:1.6.0.16.15-1jpp.1.el6_7
fixed
java-1.6.0-ibm-demo
RHEL 6
1:1.6.0.16.15-1jpp.1.el6_7
fixed
java-1.6.0-ibm-devel
RHEL 6
1:1.6.0.16.15-1jpp.1.el6_7
fixed
java-1.6.0-ibm-javacomm
RHEL 6
1:1.6.0.16.15-1jpp.1.el6_7
fixed
java-1.6.0-ibm-jdbc
RHEL 6
1:1.6.0.16.15-1jpp.1.el6_7
fixed
java-1.6.0-ibm-plugin
RHEL 6
1:1.6.0.16.15-1jpp.1.el6_7
fixed
java-1.6.0-ibm-src
RHEL 6
1:1.6.0.16.15-1jpp.1.el6_7
fixed
java-1.6.0-openjdk
RHEL 6
1:1.6.0.37-1.13.9.4.el6_7
fixed
RHEL 7
1:1.6.0.37-1.13.9.4.el7_1
fixed
java-1.6.0-openjdk-demo
RHEL 6
1:1.6.0.37-1.13.9.4.el6_7
fixed
RHEL 7
1:1.6.0.37-1.13.9.4.el7_1
fixed
java-1.6.0-openjdk-devel
RHEL 6
1:1.6.0.37-1.13.9.4.el6_7
fixed
RHEL 7
1:1.6.0.37-1.13.9.4.el7_1
fixed
java-1.6.0-openjdk-javadoc
RHEL 6
1:1.6.0.37-1.13.9.4.el6_7
fixed
RHEL 7
1:1.6.0.37-1.13.9.4.el7_1
fixed
java-1.6.0-openjdk-src
RHEL 6
1:1.6.0.37-1.13.9.4.el6_7
fixed
RHEL 7
1:1.6.0.37-1.13.9.4.el7_1
fixed
java-1.7.0-openjdk
RHEL 6
1:1.7.0.91-2.6.2.2.el6_7
fixed
RHEL 7
1:1.7.0.91-2.6.2.1.el7_1
fixed
java-1.7.0-openjdk-accessibility
RHEL 7
1:1.7.0.91-2.6.2.1.el7_1
fixed
java-1.7.0-openjdk-demo
RHEL 6
1:1.7.0.91-2.6.2.2.el6_7
fixed
RHEL 7
1:1.7.0.91-2.6.2.1.el7_1
fixed
java-1.7.0-openjdk-devel
RHEL 6
1:1.7.0.91-2.6.2.2.el6_7
fixed
RHEL 7
1:1.7.0.91-2.6.2.1.el7_1
fixed
java-1.7.0-openjdk-headless
RHEL 7
1:1.7.0.91-2.6.2.1.el7_1
fixed
java-1.7.0-openjdk-javadoc
RHEL 6
1:1.7.0.91-2.6.2.2.el6_7
fixed
RHEL 7
1:1.7.0.91-2.6.2.1.el7_1
fixed
java-1.7.0-openjdk-src
RHEL 6
1:1.7.0.91-2.6.2.2.el6_7
fixed
RHEL 7
1:1.7.0.91-2.6.2.1.el7_1
fixed
java-1.7.1-ibm
RHEL 6
1:1.7.1.3.20-1jpp.1.el6_7
fixed
RHEL 7
1:1.7.1.3.20-1jpp.1.el7
fixed
java-1.7.1-ibm-demo
RHEL 6
1:1.7.1.3.20-1jpp.1.el6_7
fixed
RHEL 7
1:1.7.1.3.20-1jpp.1.el7
fixed
java-1.7.1-ibm-devel
RHEL 6
1:1.7.1.3.20-1jpp.1.el6_7
fixed
RHEL 7
1:1.7.1.3.20-1jpp.1.el7
fixed
java-1.7.1-ibm-jdbc
RHEL 6
1:1.7.1.3.20-1jpp.1.el6_7
fixed
RHEL 7
1:1.7.1.3.20-1jpp.1.el7
fixed
java-1.7.1-ibm-plugin
RHEL 6
1:1.7.1.3.20-1jpp.1.el6_7
fixed
RHEL 7
1:1.7.1.3.20-1jpp.1.el7
fixed
java-1.7.1-ibm-src
RHEL 6
1:1.7.1.3.20-1jpp.1.el6_7
fixed
RHEL 7
1:1.7.1.3.20-1jpp.1.el7
fixed
java-1.8.0-ibm
RHEL 7
1:1.8.0.2.0-1jpp.1.el7
fixed
java-1.8.0-ibm-demo
RHEL 7
1:1.8.0.2.0-1jpp.1.el7
fixed
java-1.8.0-ibm-devel
RHEL 7
1:1.8.0.2.0-1jpp.1.el7
fixed
java-1.8.0-ibm-jdbc
RHEL 7
1:1.8.0.2.0-1jpp.1.el7
fixed
java-1.8.0-ibm-plugin
RHEL 7
1:1.8.0.2.0-1jpp.1.el7
fixed
java-1.8.0-ibm-src
RHEL 7
1:1.8.0.2.0-1jpp.1.el7
fixed
java-1.8.0-openjdk
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
RHEL 7
1:1.8.0.65-2.b17.el7_1
fixed
java-1.8.0-openjdk-accessibility
RHEL 7
1:1.8.0.65-2.b17.el7_1
fixed
java-1.8.0-openjdk-debug
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
java-1.8.0-openjdk-demo
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
RHEL 7
1:1.8.0.65-2.b17.el7_1
fixed
java-1.8.0-openjdk-demo-debug
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
java-1.8.0-openjdk-devel
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
RHEL 7
1:1.8.0.65-2.b17.el7_1
fixed
java-1.8.0-openjdk-devel-debug
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
java-1.8.0-openjdk-headless
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
RHEL 7
1:1.8.0.65-2.b17.el7_1
fixed
java-1.8.0-openjdk-headless-debug
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
java-1.8.0-openjdk-javadoc
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
RHEL 7
1:1.8.0.65-2.b17.el7_1
fixed
java-1.8.0-openjdk-javadoc-debug
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
java-1.8.0-openjdk-src
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
RHEL 7
1:1.8.0.65-2.b17.el7_1
fixed
java-1.8.0-openjdk-src-debug
RHEL 6
1:1.8.0.65-0.b17.el6_7
fixed
References
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
http://rhn.redhat.com/errata/RHSA-2015-1919.html
http://rhn.redhat.com/errata/RHSA-2015-1920.html
http://rhn.redhat.com/errata/RHSA-2015-1921.html
http://rhn.redhat.com/errata/RHSA-2015-1926.html
http://rhn.redhat.com/errata/RHSA-2015-1927.html
http://rhn.redhat.com/errata/RHSA-2015-1928.html
http://rhn.redhat.com/errata/RHSA-2015-2506.html
http://rhn.redhat.com/errata/RHSA-2015-2507.html
http://rhn.redhat.com/errata/RHSA-2015-2508.html
http://rhn.redhat.com/errata/RHSA-2015-2509.html
http://rhn.redhat.com/errata/RHSA-2015-2518.html
http://www.debian.org/security/2015/dsa-3381
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/77162
http://www.securitytracker.com/id/1033884
http://www.ubuntu.com/usn/USN-2784-1
http://www.ubuntu.com/usn/USN-2827-1
https://access.redhat.com/errata/RHSA-2016:1430
https://security.gentoo.org/glsa/201603-11
https://security.gentoo.org/glsa/201603-14
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00009.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00019.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00006.html
http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
http://rhn.redhat.com/errata/RHSA-2015-1919.html
http://rhn.redhat.com/errata/RHSA-2015-1920.html
http://rhn.redhat.com/errata/RHSA-2015-1921.html
http://rhn.redhat.com/errata/RHSA-2015-1926.html
http://rhn.redhat.com/errata/RHSA-2015-1927.html
http://rhn.redhat.com/errata/RHSA-2015-1928.html
http://rhn.redhat.com/errata/RHSA-2015-2506.html
http://rhn.redhat.com/errata/RHSA-2015-2507.html
http://rhn.redhat.com/errata/RHSA-2015-2508.html
http://rhn.redhat.com/errata/RHSA-2015-2509.html
http://rhn.redhat.com/errata/RHSA-2015-2518.html
http://www.debian.org/security/2015/dsa-3381
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/77162
http://www.securitytracker.com/id/1033884
http://www.ubuntu.com/usn/USN-2784-1
http://www.ubuntu.com/usn/USN-2827-1
https://access.redhat.com/errata/RHSA-2016:1430
https://security.gentoo.org/glsa/201603-11
https://security.gentoo.org/glsa/201603-14