CVE-2015-1931

Sažetak

IBM Java Security Components in IBM SDK, Java Technology Edition 8 before SR1 FP10, 7 R1 before SR3 FP10, 7 before SR9 FP10, 6 R1 before SR8 FP7, 6 before SR16 FP7, and 5.0 before SR16 FP13 stores plaintext information in memory dumps, which allows local users to obtain sensitive information by reading a file.

Reference

http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00051.html
http://www-01.ibm.com/support/docview.wss?uid=swg21962302
http://www-01.ibm.com/support/docview.wss?uid=swg1IV75182
http://rhn.redhat.com/errata/RHSA-2015-1604.html
http://rhn.redhat.com/errata/RHSA-2015-1486.html
http://rhn.redhat.com/errata/RHSA-2015-1488.html
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00014.html
http://rhn.redhat.com/errata/RHSA-2015-1485.html
http://rhn.redhat.com/errata/RHSA-2015-1544.html
http://www.securityfocus.com/bid/75985

CVSS

Base:	5.5
Impact:	3.6
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	-

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	NONE	NONE

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Zadnje važnije ažuriranje

30-09-2022 - 03:04

Objavljeno

29-09-2022 - 03:15