CVE-2015-4796

{"id": "CVE-2015-4796", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-10-21T21:59:13.877", "references": [{"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/77193", "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1033883", "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/77193", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1033883", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-4888."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente Java VM en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2, cuando se ejecuta en Windows, permite a usuarios remotos autenticados afectar a la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos, una vulnerabilidad diferente a CVE-2015-4888."}], "lastModified": "2024-11-21T02:31:46.037", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:database_server:11.2.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C1E11A25-C7CE-49DF-99CA-352FD21B8230"}, {"criteria": "cpe:2.3:a:oracle:database_server:12.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A7D10EB-D98F-4B80-AB9F-D8A9FC813E1C"}, {"criteria": "cpe:2.3:a:oracle:database_server:12.1.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4F3D40B7-925C-413D-AFF3-60BF330D5BC2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256"}], "operator": "OR"}], "operator": "AND"}], "evaluatorComment": "Per Advisory: <a href=\"http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html\">This issue impacts the Windows platform only.</a>", "sourceIdentifier": "secalert_us@oracle.com"}