csaf_suse - suse-su-2015:1073-1

suse-su-2015:1073-1

Vulnerability from csaf_suse

Published

2015-06-12 14:22

Modified

2015-06-12 14:22

Summary

Security update for java-1_7_0-ibm

Notes

Title of the patch

Security update for java-1_7_0-ibm

Description of the patch

This update fixes the following security issues: - Version bump to 7.1-3.0 release bnc#930365 CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 - Fix removeing links before update-alternatives run. bnc#931702 - Fix bnc#912434, javaws/plugin stuff should slave plugin update-alternatives - Fix bnc#912447, use system cacerts - Update to 7.1.2.10 for sec issues bnc#916266 and bnc#916265 CVE-2014-8892 CVE-2014-8891

Patchnames

SUSE-SLE-SDK-12-2015-270,SUSE-SLE-SERVER-12-2015-270

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "\nSecurity update for java-1_7_0-ibm ",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update fixes the following security issues:\n\n- Version bump to 7.1-3.0 release bnc#930365 CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138\n\n- Fix removeing links before update-alternatives run. bnc#931702\n\n- Fix bnc#912434, javaws/plugin stuff should slave plugin update-alternatives\n- Fix bnc#912447, use system cacerts\n\n- Update to 7.1.2.10 for sec issues bnc#916266 and bnc#916265 CVE-2014-8892 CVE-2014-8891\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-SDK-12-2015-270,SUSE-SLE-SERVER-12-2015-270",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1073-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2015:1073-1",
        "url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151073-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2015:1073-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2015-June/001442.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 912434",
        "url": "https://bugzilla.suse.com/912434"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 912447",
        "url": "https://bugzilla.suse.com/912447"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 930365",
        "url": "https://bugzilla.suse.com/930365"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 931693",
        "url": "https://bugzilla.suse.com/931693"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 931702",
        "url": "https://bugzilla.suse.com/931702"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0138 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0138/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-0192 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-0192/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-1914 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-1914/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-2808 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-2808/"
      }
    ],
    "title": "\nSecurity update for java-1_7_0-ibm ",
    "tracking": {
      "current_release_date": "2015-06-12T14:22:03Z",
      "generator": {
        "date": "2015-06-12T14:22:03Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2015:1073-1",
      "initial_release_date": "2015-06-12T14:22:03Z",
      "revision_history": [
        {
          "date": "2015-06-12T14:22:03Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
                "product": {
                  "name": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
                  "product_id": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
                "product": {
                  "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
                  "product_id": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
                "product": {
                  "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
                  "product_id": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
                "product": {
                  "name": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
                  "product_id": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
                "product": {
                  "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
                  "product_id": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
                "product": {
                  "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
                  "product_id": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64",
                "product": {
                  "name": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64",
                  "product_id": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
                "product": {
                  "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
                  "product_id": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
                "product": {
                  "name": "java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
                  "product_id": "java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
                "product": {
                  "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
                  "product_id": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
                "product": {
                  "name": "java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
                  "product_id": "java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12",
                  "product_id": "SUSE Linux Enterprise Server 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le"
        },
        "product_reference": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x"
        },
        "product_reference": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64"
        },
        "product_reference": "java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le"
        },
        "product_reference": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x"
        },
        "product_reference": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64"
        },
        "product_reference": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64"
        },
        "product_reference": "java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le"
        },
        "product_reference": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x"
        },
        "product_reference": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64"
        },
        "product_reference": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64"
        },
        "product_reference": "java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le"
        },
        "product_reference": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x"
        },
        "product_reference": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64"
        },
        "product_reference": "java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64"
        },
        "product_reference": "java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le"
        },
        "product_reference": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x"
        },
        "product_reference": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64"
        },
        "product_reference": "java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64"
        },
        "product_reference": "java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-0138",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0138"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server (ISDS) 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the \"FREAK\" issue, a different vulnerability than CVE-2015-0204.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0138",
          "url": "https://www.suse.com/security/cve/CVE-2015-0138"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952088 for CVE-2015-0138",
          "url": "https://bugzilla.suse.com/952088"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2015-06-12T14:22:03Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-0138"
    },
    {
      "cve": "CVE-2015-0192",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-0192"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-0192",
          "url": "https://www.suse.com/security/cve/CVE-2015-0192"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952088 for CVE-2015-0192",
          "url": "https://bugzilla.suse.com/952088"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2015-06-12T14:22:03Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-0192"
    },
    {
      "cve": "CVE-2015-1914",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-1914"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass \"permission checks\" and obtain sensitive information via vectors related to the Java Virtual Machine.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-1914",
          "url": "https://www.suse.com/security/cve/CVE-2015-1914"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952088 for CVE-2015-1914",
          "url": "https://bugzilla.suse.com/952088"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2015-06-12T14:22:03Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2015-1914"
    },
    {
      "cve": "CVE-2015-2808",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-2808"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-2808",
          "url": "https://www.suse.com/security/cve/CVE-2015-2808"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 925378 for CVE-2015-2808",
          "url": "https://bugzilla.suse.com/925378"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 938248 for CVE-2015-2808",
          "url": "https://bugzilla.suse.com/938248"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 938895 for CVE-2015-2808",
          "url": "https://bugzilla.suse.com/938895"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 952088 for CVE-2015-2808",
          "url": "https://bugzilla.suse.com/952088"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-alsa-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-jdbc-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:java-1_7_1-ibm-plugin-1.7.1_sr3.0-11.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:java-1_7_1-ibm-devel-1.7.1_sr3.0-11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2015-06-12T14:22:03Z",
          "details": "important"
        }
      ],
      "title": "CVE-2015-2808"
    }
  ]
}

CVE-2015-0138 (GCVE-0-2015-0138)

Vulnerability from cvelistv5

Published

2015-03-25 01:00

Modified

2024-08-06 04:03

Severity ?

CWE

Summary

GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server (ISDS) 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.

References

►

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2015-1007.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/73326	vdb-entry, x_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2015-1006.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2015-1091.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21698703	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg21883640	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2015-1020.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2015-1021.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:03:09.863Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:1007",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
          },
          {
            "name": "73326",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/73326"
          },
          {
            "name": "RHSA-2015:1006",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
          },
          {
            "name": "RHSA-2015:1091",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698703"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
          },
          {
            "name": "SUSE-SU-2015:1138",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
          },
          {
            "name": "RHSA-2015:1020",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
          },
          {
            "name": "SUSE-SU-2015:1086",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
          },
          {
            "name": "SUSE-SU-2015:1085",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
          },
          {
            "name": "RHSA-2015:1021",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
          },
          {
            "name": "SUSE-SU-2015:1073",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
          },
          {
            "name": "SUSE-SU-2015:1161",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-03-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server (ISDS) 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the \"FREAK\" issue, a different vulnerability than CVE-2015-0204."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-30T15:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "RHSA-2015:1007",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
        },
        {
          "name": "73326",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/73326"
        },
        {
          "name": "RHSA-2015:1006",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
        },
        {
          "name": "RHSA-2015:1091",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698703"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
        },
        {
          "name": "SUSE-SU-2015:1138",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
        },
        {
          "name": "RHSA-2015:1020",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
        },
        {
          "name": "SUSE-SU-2015:1086",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
        },
        {
          "name": "SUSE-SU-2015:1085",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
        },
        {
          "name": "RHSA-2015:1021",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
        },
        {
          "name": "SUSE-SU-2015:1073",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
        },
        {
          "name": "SUSE-SU-2015:1161",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2015-0138",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server (ISDS) 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the \"FREAK\" issue, a different vulnerability than CVE-2015-0204."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2015:1007",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
            },
            {
              "name": "73326",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/73326"
            },
            {
              "name": "RHSA-2015:1006",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
            },
            {
              "name": "RHSA-2015:1091",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21698703",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21698703"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
            },
            {
              "name": "SUSE-SU-2015:1138",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
            },
            {
              "name": "RHSA-2015:1020",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
            },
            {
              "name": "SUSE-SU-2015:1086",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
            },
            {
              "name": "SUSE-SU-2015:1085",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
            },
            {
              "name": "RHSA-2015:1021",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
            },
            {
              "name": "SUSE-SU-2015:1073",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
            },
            {
              "name": "SUSE-SU-2015:1161",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2015-0138",
    "datePublished": "2015-03-25T01:00:00",
    "dateReserved": "2014-11-18T00:00:00",
    "dateUpdated": "2024-08-06T04:03:09.863Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-1914 (GCVE-0-2015-1914)

Vulnerability from cvelistv5

Published

2015-07-02 21:16

Modified

2024-08-06 04:54

Severity ?

CWE

Summary

IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass "permission checks" and obtain sensitive information via vectors related to the Java Virtual Machine.

References

►

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2015-1007.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245	vendor-advisory, x_refsource_AIXAPAR
	http://rhn.redhat.com/errata/RHSA-2015-1006.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2015-1091.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21883640	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2015-1020.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/74645	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2015-1021.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246	vendor-advisory, x_refsource_AIXAPAR

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:54:16.525Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:1007",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
          },
          {
            "name": "IV72245",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
          },
          {
            "name": "RHSA-2015:1006",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
          },
          {
            "name": "RHSA-2015:1091",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
          },
          {
            "name": "SUSE-SU-2015:1138",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
          },
          {
            "name": "RHSA-2015:1020",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
          },
          {
            "name": "SUSE-SU-2015:1086",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
          },
          {
            "name": "74645",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/74645"
          },
          {
            "name": "SUSE-SU-2015:1085",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
          },
          {
            "name": "RHSA-2015:1021",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
          },
          {
            "name": "SUSE-SU-2015:1073",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
          },
          {
            "name": "SUSE-SU-2015:1161",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
          },
          {
            "name": "IV72246",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-05-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass \"permission checks\" and obtain sensitive information via vectors related to the Java Virtual Machine."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-23T18:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "RHSA-2015:1007",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
        },
        {
          "name": "IV72245",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
        },
        {
          "name": "RHSA-2015:1006",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
        },
        {
          "name": "RHSA-2015:1091",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
        },
        {
          "name": "SUSE-SU-2015:1138",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
        },
        {
          "name": "RHSA-2015:1020",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
        },
        {
          "name": "SUSE-SU-2015:1086",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
        },
        {
          "name": "74645",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/74645"
        },
        {
          "name": "SUSE-SU-2015:1085",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
        },
        {
          "name": "RHSA-2015:1021",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
        },
        {
          "name": "SUSE-SU-2015:1073",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
        },
        {
          "name": "SUSE-SU-2015:1161",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
        },
        {
          "name": "IV72246",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2015-1914",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM Java 7 R1 before SR3, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to bypass \"permission checks\" and obtain sensitive information via vectors related to the Java Virtual Machine."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2015:1007",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
            },
            {
              "name": "IV72245",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72245"
            },
            {
              "name": "RHSA-2015:1006",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
            },
            {
              "name": "RHSA-2015:1091",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
            },
            {
              "name": "SUSE-SU-2015:1138",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
            },
            {
              "name": "RHSA-2015:1020",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
            },
            {
              "name": "SUSE-SU-2015:1086",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
            },
            {
              "name": "74645",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/74645"
            },
            {
              "name": "SUSE-SU-2015:1085",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
            },
            {
              "name": "RHSA-2015:1021",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
            },
            {
              "name": "SUSE-SU-2015:1073",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
            },
            {
              "name": "SUSE-SU-2015:1161",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
            },
            {
              "name": "IV72246",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV72246"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2015-1914",
    "datePublished": "2015-07-02T21:16:00",
    "dateReserved": "2015-02-19T00:00:00",
    "dateUpdated": "2024-08-06T04:54:16.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-0192 (GCVE-0-2015-0192)

Vulnerability from cvelistv5

Published

2015-07-02 21:16

Modified

2024-08-06 04:03

Severity ?

CWE

Summary

Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.

References

►

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2015-1007.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2015-1006.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683	vendor-advisory, x_refsource_AIXAPAR
	http://rhn.redhat.com/errata/RHSA-2015-1091.html	vendor-advisory, x_refsource_REDHAT
	http://www-01.ibm.com/support/docview.wss?uid=swg21883640	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2015-1020.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682	vendor-advisory, x_refsource_AIXAPAR
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2015-1021.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:03:10.540Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:1007",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
          },
          {
            "name": "RHSA-2015:1006",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
          },
          {
            "name": "IV70683",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683"
          },
          {
            "name": "RHSA-2015:1091",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
          },
          {
            "name": "SUSE-SU-2015:1138",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
          },
          {
            "name": "RHSA-2015:1020",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
          },
          {
            "name": "SUSE-SU-2015:1086",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
          },
          {
            "name": "IV70682",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682"
          },
          {
            "name": "SUSE-SU-2015:1085",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
          },
          {
            "name": "RHSA-2015:1021",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
          },
          {
            "name": "SUSE-SU-2015:1073",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
          },
          {
            "name": "SUSE-SU-2015:1161",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-05-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-23T18:57:01",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "name": "RHSA-2015:1007",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
        },
        {
          "name": "RHSA-2015:1006",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
        },
        {
          "name": "IV70683",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683"
        },
        {
          "name": "RHSA-2015:1091",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
        },
        {
          "name": "SUSE-SU-2015:1138",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
        },
        {
          "name": "RHSA-2015:1020",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
        },
        {
          "name": "SUSE-SU-2015:1086",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
        },
        {
          "name": "IV70682",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682"
        },
        {
          "name": "SUSE-SU-2015:1085",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
        },
        {
          "name": "RHSA-2015:1021",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
        },
        {
          "name": "SUSE-SU-2015:1073",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
        },
        {
          "name": "SUSE-SU-2015:1161",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@us.ibm.com",
          "ID": "CVE-2015-0192",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2015:1007",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
            },
            {
              "name": "RHSA-2015:1006",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
            },
            {
              "name": "IV70683",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70683"
            },
            {
              "name": "RHSA-2015:1091",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
            },
            {
              "name": "SUSE-SU-2015:1138",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
            },
            {
              "name": "RHSA-2015:1020",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
            },
            {
              "name": "SUSE-SU-2015:1086",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
            },
            {
              "name": "IV70682",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV70682"
            },
            {
              "name": "SUSE-SU-2015:1085",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
            },
            {
              "name": "RHSA-2015:1021",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
            },
            {
              "name": "SUSE-SU-2015:1073",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
            },
            {
              "name": "SUSE-SU-2015:1161",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2015-0192",
    "datePublished": "2015-07-02T21:16:00",
    "dateReserved": "2014-11-18T00:00:00",
    "dateUpdated": "2024-08-06T04:03:10.540Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2015-2808 (GCVE-0-2015-2808)

Vulnerability from cvelistv5

Published

2015-04-01 00:00

Modified

2024-08-06 05:24

Severity ?

CWE

Summary

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the "Bar Mitzvah" issue.

References

►

URL

Tags

	http://marc.info/?l=bugtraq&m=143818140118771&w=2	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1243.html	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1007.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=143817899717054&w=2	vendor-advisory
	http://marc.info/?l=bugtraq&m=144493176821532&w=2	vendor-advisory
	http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
	http://rhn.redhat.com/errata/RHSA-2015-1006.html	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256
	https://kb.juniper.net/JSA10783
	http://www.securitytracker.com/id/1033737	vdb-entry
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=144060576831314&w=2	vendor-advisory
	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
	http://www.securitytracker.com/id/1036222	vdb-entry
	http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034
	http://marc.info/?l=bugtraq&m=143817899717054&w=2	vendor-advisory
	http://www-304.ibm.com/support/docview.wss?uid=swg21960769
	https://security.gentoo.org/glsa/201512-10	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1229.html	vendor-advisory
	https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650
	http://www.securitytracker.com/id/1032600	vdb-entry
	http://www.securitytracker.com/id/1032910	vdb-entry
	http://www.ubuntu.com/usn/USN-2706-1	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1526.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=143817021313142&w=2	vendor-advisory
	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
	http://www.securitytracker.com/id/1032599	vdb-entry
	http://marc.info/?l=bugtraq&m=144104533800819&w=2	vendor-advisory
	http://www-304.ibm.com/support/docview.wss?uid=swg21903565
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190
	https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380
	https://kc.mcafee.com/corporate/index?page=content&id=SB10163
	http://marc.info/?l=bugtraq&m=144043644216842&w=2	vendor-advisory
	http://www.securitytracker.com/id/1032734	vdb-entry
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892	vendor-advisory
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347
	http://www.securitytracker.com/id/1033769	vdb-entry
	http://www.securitytracker.com/id/1032707	vdb-entry
	http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=143817021313142&w=2	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1091.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=144069189622016&w=2	vendor-advisory
	http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1228.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=144060606031437&w=2	vendor-advisory
	http://www.securitytracker.com/id/1032708	vdb-entry
	http://www.huawei.com/en/psirt/security-advisories/hw-454055
	http://www.debian.org/security/2015/dsa-3316	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html	vendor-advisory
	http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
	http://www.securitytracker.com/id/1033415	vdb-entry
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246
	http://marc.info/?l=bugtraq&m=143818140118771&w=2	vendor-advisory
	https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709
	http://marc.info/?l=bugtraq&m=144104565600964&w=2	vendor-advisory
	http://marc.info/?l=bugtraq&m=144493176821532&w=2	vendor-advisory
	http://www-01.ibm.com/support/docview.wss?uid=swg21883640
	http://marc.info/?l=bugtraq&m=144102017024820&w=2	vendor-advisory
	http://www.securitytracker.com/id/1033432	vdb-entry
	http://marc.info/?l=bugtraq&m=143629696317098&w=2	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html	vendor-advisory
	http://www.securitytracker.com/id/1032858	vdb-entry
	https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922	vendor-advisory
	http://www.securitytracker.com/id/1032788	vdb-entry
	http://www.ubuntu.com/usn/USN-2696-1	vendor-advisory
	https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf
	http://www.debian.org/security/2015/dsa-3339	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1020.html	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1242.html	vendor-advisory
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10727
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html	vendor-advisory
	http://www.securitytracker.com/id/1033431	vdb-entry
	http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988
	http://www.securitytracker.com/id/1032868	vdb-entry
	http://marc.info/?l=bugtraq&m=144059703728085&w=2	vendor-advisory
	http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
	http://www.securityfocus.com/bid/91787	vdb-entry
	http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html	vendor-advisory
	http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html	vendor-advisory
	http://rhn.redhat.com/errata/RHSA-2015-1241.html	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
	http://rhn.redhat.com/errata/RHSA-2015-1230.html	vendor-advisory
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888
	http://marc.info/?l=bugtraq&m=143456209711959&w=2	vendor-advisory
	http://www.securitytracker.com/id/1033386	vdb-entry
	http://marc.info/?l=bugtraq&m=143741441012338&w=2	vendor-advisory
	http://www.securitytracker.com/id/1033072	vdb-entry
	http://marc.info/?l=bugtraq&m=143741441012338&w=2	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html	vendor-advisory
	https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119
	http://rhn.redhat.com/errata/RHSA-2015-1021.html	vendor-advisory
	http://www-304.ibm.com/support/docview.wss?uid=swg21960015
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html	vendor-advisory
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935
	http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html	vendor-advisory
	http://marc.info/?l=bugtraq&m=144059660127919&w=2	vendor-advisory
	http://www.securityfocus.com/bid/73684	vdb-entry
	http://www.securitytracker.com/id/1032990	vdb-entry
	http://www.securitytracker.com/id/1033071	vdb-entry
	http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html	vendor-advisory
	https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T05:24:38.828Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SSRT102127",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
          },
          {
            "name": "RHSA-2015:1243",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
          },
          {
            "name": "RHSA-2015:1007",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
          },
          {
            "name": "HPSBGN03367",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
          },
          {
            "name": "HPSBUX03512",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
          },
          {
            "name": "RHSA-2015:1006",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kb.juniper.net/JSA10783"
          },
          {
            "name": "1033737",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033737"
          },
          {
            "name": "SUSE-SU-2015:2192",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
          },
          {
            "name": "HPSBGN03399",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "1036222",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036222"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"
          },
          {
            "name": "SSRT102129",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
          },
          {
            "name": "GLSA-201512-10",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201512-10"
          },
          {
            "name": "RHSA-2015:1229",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650"
          },
          {
            "name": "1032600",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032600"
          },
          {
            "name": "1032910",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032910"
          },
          {
            "name": "USN-2706-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2706-1"
          },
          {
            "name": "RHSA-2015:1526",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
          },
          {
            "name": "SSRT102133",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "name": "1032599",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032599"
          },
          {
            "name": "HPSBMU03401",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
          },
          {
            "name": "HPSBMU03345",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
          },
          {
            "name": "1032734",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032734"
          },
          {
            "name": "IV71892",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347"
          },
          {
            "name": "1033769",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033769"
          },
          {
            "name": "1032707",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032707"
          },
          {
            "name": "openSUSE-SU-2015:1289",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
          },
          {
            "name": "HPSBGN03372",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
          },
          {
            "name": "RHSA-2015:1091",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
          },
          {
            "name": "HPSBGN03402",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
          },
          {
            "name": "IV71888",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888"
          },
          {
            "name": "RHSA-2015:1228",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
          },
          {
            "name": "HPSBGN03405",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
          },
          {
            "name": "1032708",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032708"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.huawei.com/en/psirt/security-advisories/hw-454055"
          },
          {
            "name": "DSA-3316",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3316"
          },
          {
            "name": "SUSE-SU-2015:2166",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "name": "1033415",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033415"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
          },
          {
            "name": "HPSBGN03366",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709"
          },
          {
            "name": "HPSBGN03403",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144104565600964\u0026w=2"
          },
          {
            "name": "SSRT102254",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
          },
          {
            "name": "HPSBGN03407",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
          },
          {
            "name": "1033432",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033432"
          },
          {
            "name": "HPSBGN03354",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143629696317098\u0026w=2"
          },
          {
            "name": "SUSE-SU-2015:1138",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
          },
          {
            "name": "1032858",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032858"
          },
          {
            "name": "SSRT102073",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922"
          },
          {
            "name": "1032788",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032788"
          },
          {
            "name": "USN-2696-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2696-1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf"
          },
          {
            "name": "DSA-3339",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2015/dsa-3339"
          },
          {
            "name": "RHSA-2015:1020",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
          },
          {
            "name": "RHSA-2015:1242",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"
          },
          {
            "name": "SUSE-SU-2015:1086",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
          },
          {
            "name": "1033431",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033431"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988"
          },
          {
            "name": "1032868",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032868"
          },
          {
            "name": "HPSBGN03415",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144059703728085\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
          },
          {
            "name": "91787",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "name": "SUSE-SU-2015:1319",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
          },
          {
            "name": "SUSE-SU-2015:1320",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
          },
          {
            "name": "openSUSE-SU-2015:1288",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
          },
          {
            "name": "RHSA-2015:1241",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "name": "RHSA-2015:1230",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
          },
          {
            "name": "HPSBGN03338",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143456209711959\u0026w=2"
          },
          {
            "name": "1033386",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033386"
          },
          {
            "name": "HPSBMU03377",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
          },
          {
            "name": "1033072",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033072"
          },
          {
            "name": "SSRT102150",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
          },
          {
            "name": "SUSE-SU-2015:1085",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"
          },
          {
            "name": "RHSA-2015:1021",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960015"
          },
          {
            "name": "SUSE-SU-2015:1073",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
          },
          {
            "name": "SUSE-SU-2015:1161",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
          },
          {
            "name": "HPSBGN03414",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=144059660127919\u0026w=2"
          },
          {
            "name": "73684",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/73684"
          },
          {
            "name": "1032990",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1032990"
          },
          {
            "name": "1033071",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1033071"
          },
          {
            "name": "SUSE-SU-2016:0113",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-03-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the \"Bar Mitzvah\" issue."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-07T16:46:59.848306",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SSRT102127",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
        },
        {
          "name": "RHSA-2015:1243",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1243.html"
        },
        {
          "name": "RHSA-2015:1007",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1007.html"
        },
        {
          "name": "HPSBGN03367",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
        },
        {
          "name": "HPSBUX03512",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"
        },
        {
          "name": "RHSA-2015:1006",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1006.html"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773256"
        },
        {
          "url": "https://kb.juniper.net/JSA10783"
        },
        {
          "name": "1033737",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033737"
        },
        {
          "name": "SUSE-SU-2015:2192",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html"
        },
        {
          "name": "HPSBGN03399",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144060576831314\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
        },
        {
          "name": "1036222",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1036222"
        },
        {
          "url": "http://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04779034"
        },
        {
          "name": "SSRT102129",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817899717054\u0026w=2"
        },
        {
          "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960769"
        },
        {
          "name": "GLSA-201512-10",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/201512-10"
        },
        {
          "name": "RHSA-2015:1229",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1229.html"
        },
        {
          "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04708650"
        },
        {
          "name": "1032600",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032600"
        },
        {
          "name": "1032910",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032910"
        },
        {
          "name": "USN-2706-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2706-1"
        },
        {
          "name": "RHSA-2015:1526",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1526.html"
        },
        {
          "name": "SSRT102133",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
        },
        {
          "name": "1032599",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032599"
        },
        {
          "name": "HPSBMU03401",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144104533800819\u0026w=2"
        },
        {
          "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21903565"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04772190"
        },
        {
          "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04711380"
        },
        {
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
        },
        {
          "name": "HPSBMU03345",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144043644216842\u0026w=2"
        },
        {
          "name": "1032734",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032734"
        },
        {
          "name": "IV71892",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05193347"
        },
        {
          "name": "1033769",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033769"
        },
        {
          "name": "1032707",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032707"
        },
        {
          "name": "openSUSE-SU-2015:1289",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html"
        },
        {
          "name": "HPSBGN03372",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143817021313142\u0026w=2"
        },
        {
          "name": "RHSA-2015:1091",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1091.html"
        },
        {
          "name": "HPSBGN03402",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144069189622016\u0026w=2"
        },
        {
          "name": "IV71888",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888"
        },
        {
          "name": "RHSA-2015:1228",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1228.html"
        },
        {
          "name": "HPSBGN03405",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144060606031437\u0026w=2"
        },
        {
          "name": "1032708",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032708"
        },
        {
          "url": "http://www.huawei.com/en/psirt/security-advisories/hw-454055"
        },
        {
          "name": "DSA-3316",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3316"
        },
        {
          "name": "SUSE-SU-2015:2166",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
        },
        {
          "name": "1033415",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033415"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04832246"
        },
        {
          "name": "HPSBGN03366",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143818140118771\u0026w=2"
        },
        {
          "url": "https://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5098709"
        },
        {
          "name": "HPSBGN03403",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144104565600964\u0026w=2"
        },
        {
          "name": "SSRT102254",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144493176821532\u0026w=2"
        },
        {
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21883640"
        },
        {
          "name": "HPSBGN03407",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144102017024820\u0026w=2"
        },
        {
          "name": "1033432",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033432"
        },
        {
          "name": "HPSBGN03354",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143629696317098\u0026w=2"
        },
        {
          "name": "SUSE-SU-2015:1138",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html"
        },
        {
          "name": "1032858",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032858"
        },
        {
          "name": "SSRT102073",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922"
        },
        {
          "name": "1032788",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032788"
        },
        {
          "name": "USN-2696-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2696-1"
        },
        {
          "url": "https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf"
        },
        {
          "name": "DSA-3339",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2015/dsa-3339"
        },
        {
          "name": "RHSA-2015:1020",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1020.html"
        },
        {
          "name": "RHSA-2015:1242",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1242.html"
        },
        {
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10727"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773241"
        },
        {
          "name": "SUSE-SU-2015:1086",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html"
        },
        {
          "name": "1033431",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033431"
        },
        {
          "url": "http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-454055.htm"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05085988"
        },
        {
          "name": "1032868",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032868"
        },
        {
          "name": "HPSBGN03415",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144059703728085\u0026w=2"
        },
        {
          "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"
        },
        {
          "name": "91787",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/91787"
        },
        {
          "name": "SUSE-SU-2015:1319",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html"
        },
        {
          "name": "SUSE-SU-2015:1320",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html"
        },
        {
          "name": "openSUSE-SU-2015:1288",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html"
        },
        {
          "name": "RHSA-2015:1241",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1241.html"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04770140"
        },
        {
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
        },
        {
          "name": "RHSA-2015:1230",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1230.html"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05336888"
        },
        {
          "name": "HPSBGN03338",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143456209711959\u0026w=2"
        },
        {
          "name": "1033386",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033386"
        },
        {
          "name": "HPSBMU03377",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
        },
        {
          "name": "1033072",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033072"
        },
        {
          "name": "SSRT102150",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=143741441012338\u0026w=2"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04926789"
        },
        {
          "name": "SUSE-SU-2015:1085",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html"
        },
        {
          "url": "https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04773119"
        },
        {
          "name": "RHSA-2015:1021",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-1021.html"
        },
        {
          "url": "http://www-304.ibm.com/support/docview.wss?uid=swg21960015"
        },
        {
          "name": "SUSE-SU-2015:1073",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html"
        },
        {
          "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289935"
        },
        {
          "name": "SUSE-SU-2015:1161",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html"
        },
        {
          "name": "HPSBGN03414",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=144059660127919\u0026w=2"
        },
        {
          "name": "73684",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/73684"
        },
        {
          "name": "1032990",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1032990"
        },
        {
          "name": "1033071",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securitytracker.com/id/1033071"
        },
        {
          "name": "SUSE-SU-2016:0113",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html"
        },
        {
          "url": "https://www.secpod.com/blog/cve-2015-2808-bar-mitzvah-attack-in-rc4-2/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2015-2808",
    "datePublished": "2015-04-01T00:00:00",
    "dateReserved": "2015-03-31T00:00:00",
    "dateUpdated": "2024-08-06T05:24:38.828Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2015:1073-1

Vulnerability from csaf_suse

CVE-2015-0138 (GCVE-0-2015-0138)

Vulnerability from cvelistv5

CVE-2015-1914 (GCVE-0-2015-1914)

Vulnerability from cvelistv5

CVE-2015-0192 (GCVE-0-2015-0192)

Vulnerability from cvelistv5

CVE-2015-2808 (GCVE-0-2015-2808)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature