The J9 JVM in IBM SDK, Java Technology Edition 6 before SR16 FP20, 6 R1 before SR8 FP20, 7 before SR9 FP30, and 7 R1 before SR3 FP30 allows remote attackers to obtain sensitive information or inject data by invoking non-public interface methods.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
21 Nov 2024, 02:32
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00026.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00028.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00031.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00032.html - Mailing List, Third Party Advisory | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg1IV72872 - Vendor Advisory | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg21974194 - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/82451 - Third Party Advisory, VDB Entry | |
References | () https://access.redhat.com/errata/RHSA-2016:1430 - Third Party Advisory |
Information
Published : 2016-06-06 17:59
Updated : 2024-11-21 02:32
NVD link : CVE-2015-5041
Mitre link : CVE-2015-5041
CVE.ORG link : CVE-2015-5041
JSON object : View
Products Affected
ibm
- websphere_application_server
- java_sdk
suse
- linux_enterprise_software_development_kit
- linux_enterprise_server
- suse_linux_enterprise_server
redhat
- satellite
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor