Amazon Linux AMI: Security patch for java-1.8.0-openjdk (ALAS-2015-571) (multiple CVEs)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 10 | (AV:N/AC:L/Au:N/C:C/I:C/A:C) | July 16, 2015 | July 23, 2015 | March 21, 2018 |
Description
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
- AMAZON-ALAS-2015-571
- APPLE-APPLE-SA-2015-06-30-1
- APPLE-APPLE-SA-2015-06-30-2
- BID-72155
- BID-74733
- CVE-2015-0383
- CVE-2015-2590
- CVE-2015-2601
- CVE-2015-2621
- CVE-2015-2625
- CVE-2015-2628
- CVE-2015-2632
- CVE-2015-2659
- CVE-2015-2808
- CVE-2015-3149
- CVE-2015-4000
- CVE-2015-4731
- CVE-2015-4732
- CVE-2015-4733
- CVE-2015-4748
- CVE-2015-4749
- CVE-2015-4760
- DEBIAN-DSA-3144
- DEBIAN-DSA-3147
- DEBIAN-DSA-3324
- DISA_SEVERITY-Category I
- DISA_VMSKEY-V0061079
- DISA_VMSKEY-V0061089
- IAVM-2015-A-0153
- IAVM-2015-A-0158
- REDHAT-RHSA-2015:0068
- REDHAT-RHSA-2015:0079
- REDHAT-RHSA-2015:0080
- REDHAT-RHSA-2015:0085
- REDHAT-RHSA-2015:0086
- XF-100148
Solution Reference
Java Security UpdateSolution
amazon-linux-upgrade-java-1-8-0-openjdkRelated Vulnerabilities
- RHSA-2015:1072: openssl security update
- OS X update for Admin Framework (CVE-2015-4000)
- MFSA2015-70 SeaMonkey: NSS accepts export-length DHE keys with regular DHE cipher suites (CVE-2015-4000)
- RHSA-2015:1007: java-1.7.0-ibm security update
- Gentoo Linux: CVE-2015-4760: Oracle JRE/JDK: Multiple vulnerabilities
- IBM AIX: java_july2015_advisory (CVE-2015-4731): Vulnerability in IBM Java SDK affects AIX
- IBM AIX: java_april2015_advisory, rc4_advisory (CVE-2015-2808): Vulnerability in IBM Java SDK affects AIX
- Java CPU July 2015 Java SE 2D vulnerability (CVE-2015-2632)
- IBM AIX: java_july2015_advisory (CVE-2015-4760): Vulnerability in IBM Java SDK affects AIX
- Juniper Junos OS: 2015-05 Out of Cycle Security Bulletin: "Logjam" passive attack on sub-1024 DH groups, and active downgrade attack of TLS to DHE_EXPORT (JSA10681) (CVE-2015-4000)
- SUSE: CVE-2015-4000: SUSE Linux Security Advisory
- Gentoo Linux: CVE-2015-2621: Oracle JRE/JDK: Multiple vulnerabilities
- TLS Server Supports DHE_EXPORT Cipher Algorithms (CVE-2015-4000)
- RHSA-2015:0067: java-1.7.0-openjdk security update
- Java CPU July 2015 Java SE, JRockit, Java SE Embedded JNDI vulnerability (CVE-2015-4749)
- RHSA-2015:1485: java-1.7.1-ibm security update
- IBM AIX: java_july2015_advisory (CVE-2015-4732): Vulnerability in IBM Java SDK affects AIX
- RHSA-2015:1228: java-1.8.0-openjdk security update
- IBM HTTP Server: CVE-2015-2808: Vulnerability in RC4 stream cipher affects IBM HTTP Server and Caching Proxy
- DSA-3324-1 icedove -- security update
- ELSA-2015-1197 Moderate: Oracle Linux openssl security update
- IBM AIX: java_july2015_advisory (CVE-2015-2632): Vulnerability in IBM Java SDK affects AIX
- Gentoo Linux: CVE-2015-4732: Oracle JRE/JDK: Multiple vulnerabilities
- ELSA-2015-1229 Critical: Oracle Linux java-1.7.0-openjdk security update
- Java CPU July 2015 Java SE, JRockit, Java SE Embedded Security vulnerability (CVE-2015-4748)
- MFSA2015-70 Thunderbird: NSS accepts export-length DHE keys with regular DHE cipher suites (CVE-2015-4000)
- Amazon Linux AMI: Security patch for java-1.6.0-openjdk (ALAS-2015-480) (multiple CVEs)
- HP-UX: CVE-2015-0383: Potential security vulnerabilities have been identified in the Java Runtime Environment (JRE) and the Java Developer Kit (JDK) running on HP-UX. These vulnerabilities could allow remote unauthorized access, disclosure of information, and other vulnerabilities.
- HP System Management Homepage - HPSBMU03546 (CVE-2015-4000): Windows and Linux, Multiple Remote Vulnerabilities
- ELSA-2015-0067 Critical: Oracle Linux java-1.7.0-openjdk security update
- Gentoo Linux: CVE-2015-0383: IcedTea: Multiple vulnerabilities
- USN-2696-1: OpenJDK 7 vulnerabilities
- USN-2486-1: OpenJDK 6 vulnerabilities
- IBM AIX: java_july2015_advisory (CVE-2015-4749): Vulnerability in IBM Java SDK affects AIX
- Cent OS: CVE-2015-0383: CESA-2015:0085 (java-1.6.0-openjdk)
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
- Java CPU July 2015 Java SE, JRockit, Java SE Embedded JSSE vulnerability (CVE-2015-2808)
- Cent OS: CVE-2015-4000: CESA-2015:1526 (java-1.6.0-openjdk)
- Palo Alto Networks (Multiple Advisories) (CVE-2015-4000): OpenSSL Vulnerabilities
- Java CPU July 2015 Java SE, Java SE Embedded JMX vulnerability (CVE-2015-2621)
- SUSE: CVE-2015-0383: SUSE Linux Security Advisory
- ELSA-2015-1526 Important: Oracle Linux java-1.6.0-openjdk security update
- RHSA-2015:1230: java-1.7.0-openjdk security update
- RHSA-2015:0080: java-1.8.0-oracle security update
- ELSA-2015-0069 Important: Oracle Linux java-1.8.0-openjdk security update
- DSA-3147-1 openjdk-6 -- security update
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 7
- Gentoo Linux: CVE-2015-4748: Oracle JRE/JDK: Multiple vulnerabilities
- IBM WebSphere Application Server: CVE-2015-2808: IBM Multiple vulnerabilities in IBM® Java SDK affect WebSphere Application Server April 2015 CPU
- Cisco SAN-OS: Multiple Vulnerabilities in OpenSSL (June 2015) Affecting Cisco Products (Multiple CVEs)
- Oracle Solaris 11: CVE-2015-2632: Vulnerability in Localization (L10N)
- IBM AIX: java_july2015_advisory (CVE-2015-2590): Vulnerability in IBM Java SDK affects AIX
- RHSA-2015:1185: nss security update
- USN-2656-2: Firefox vulnerabilities
- HP-UX: CVE-2015-2808: Apache Server Suite running Apache Tomcat or PHP, Remote Denial of Service (DoS) and Other Vulnerabilities
- USN-2706-1: OpenJDK 6 vulnerabilities
- Java CPU July 2015 Java SE, JRockit, Java SE Embedded JSSE vulnerability (CVE-2015-2625)
- RHSA-2015:0086: java-1.6.0-sun security update
- Amazon Linux AMI: Security patch for java-1.8.0-openjdk (ALAS-2015-472) (multiple CVEs)
- FreeBSD: openssl -- multiple vulnerabilities (FreeBSD-SA-15:10.openssl) (Multiple CVEs)
- HP iLO: CVE-2015-4000: Remote Disclosure of Information, Unauthorized Modification aka Logjam
- ELSA-2015-1230 Important: Oracle Linux java-1.7.0-openjdk security update
- Java CPU July 2015 Java SE, JRockit, Java SE Embedded JCE vulnerability (CVE-2015-2601)
- DSA-3323-1 icu -- security update
- ELSA-2015-0085 Important: Oracle Linux java-1.6.0-openjdk security update
- RHSA-2015:0079: java-1.7.0-oracle security update
- Java CPU July 2015 Java SE, Java SE Embedded Security vulnerability (CVE-2015-2659)
- Gentoo Linux: CVE-2015-4731: Oracle JRE/JDK: Multiple vulnerabilities
- USN-2740-1: ICU vulnerabilities
- RHSA-2015:1604: Red Hat Satellite IBM Java Runtime security update
- IBM WebSphere Application Server: CVE-2015-4000: IBM Vulnerability with Diffie-Hellman ciphers may affect IBM WebSphere Application Server (CVE-2015-4000)
- DSA-3144-1 openjdk-7 -- security update
- RHSA-2015:0068: java-1.7.0-openjdk security update
- RHSA-2015:1243: java-1.6.0-sun security update
- MFSA2015-70 Firefox: NSS accepts export-length DHE keys with regular DHE cipher suites (CVE-2015-4000)
- DSA-3316-1 openjdk-7 -- security update
- Gentoo Linux: CVE-2015-4749: IcedTea: Multiple vulnerabilities
- Gentoo Linux: CVE-2015-2590: Oracle JRE/JDK: Multiple vulnerabilities
- HP-UX: CVE-2015-4000: OpenSSL Vulnerability (DHE man-in-the-middle protection (Logjam))
- Java CPU July 2015 Java SE, JRockit, Java SE Embedded JSSE vulnerability (CVE-2015-4000)
- ELSA-2015-0068 Important: Oracle Linux java-1.7.0-openjdk security update
- RHSA-2015:1006: java-1.6.0-ibm security update
- IBM AIX: java_july2015_advisory, openssl_advisory14, openssl_advisory17, sendmail_advisory2 (CVE-2015-4000): Vulnerability in IBM Java SDK affects AIX
- RHSA-2015:1020: java-1.7.1-ibm security update
- RHSA-2015:1197: openssl security update
- Gentoo Linux: CVE-2015-2659: Oracle JRE/JDK: Multiple vulnerabilities
- Oracle Solaris 11: CVE-2015-4760: Vulnerability in Localization (L10N)
- Java CPU July 2015 Java SE, Java SE Embedded Libraries vulnerability (CVE-2015-2590)
- RHSA-2015:0085: java-1.6.0-openjdk security update
- IBM AIX: java_july2015_advisory (CVE-2015-2621): Vulnerability in IBM Java SDK affects AIX
- RHSA-2015:1488: java-1.7.0-ibm security update
- Gentoo Linux: CVE-2015-2632: ICU: Multiple vulnerabilities
- Java CPU July 2015 Java SE, Java SE Embedded JMX vulnerability (CVE-2015-4731)
- DSA-3339-1 openjdk-6 -- security update
- DSA-3287-1 openssl -- security update
- USN-2673-1: Thunderbird vulnerabilities
- Java CPU July 2015 Java SE, Java SE Embedded RMI vulnerability (CVE-2015-4733)
- FreeBSD: mozilla -- multiple vulnerabilities (Multiple CVEs)
- Oracle Solaris 11: CVE-2015-2808: Vulnerability in OpenSSL
- ELSA-2015-1228 Important: Oracle Linux java-1.8.0-openjdk security update