VDB
RHSA-2015%3A1485
RHSA-2015%3A1485
PUBLISHED
CVSS 3.700000047683716 LOW
Updated java-1.7.1-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 6 and 7 Supplementary. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
Risk Scores
CVSS 3.1
3.700000047683716
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat Enterprise Linux Server Supplementary (v. 6) | ||
| java | ||
| Red Hat Enterprise Linux Client Supplementary (v. 7) | ||
| Red Hat Enterprise Linux Server Supplementary (v. 7) | ||
| Red Hat Enterprise Linux Workstation Supplementary (v. 6) | ||
| Red Hat Enterprise Linux ComputeNode Supplementary (v. 7) | ||
| Red Hat Enterprise Linux Workstation Supplementary (v. 7) | ||
| Red Hat Enterprise Linux Desktop Supplementary (v. 6) | ||
| Red Hat Enterprise Linux HPC Node Supplementary (v. 6) |
Exploit Intelligence
- ✨ HAProxy ve Keepalived konusunu load balancer ve cluster'a ek olarak güvenlik(zayıf SSL/Kripto Kullanımı (LOGJAM) (CVE-2015-4000) zafiyeti önlemi) ve yüksek yüklere karşı ele alır. (github-poc-repo)
- ✨ HAProxy ve Keepalived konusunu load balancer ve cluster'a ek olarak güvenlik(zayıf SSL/Kripto Kullanımı (LOGJAM) (CVE-2015-4000) zafiyeti önlemi) ve yüksek yüklere karşı ele alır. (github-poc-repo)
- ✨ HAProxy ve Keepalived konusunu load balancer ve cluster'a ek olarak güvenlik(zayıf SSL/Kripto Kullanımı (LOGJAM) (CVE-2015-4000) zafiyeti önlemi) ve yüksek yüklere karşı ele alır. (github-poc-repo)
- A2SV = Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SPDY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN Installation : $ apt update && apt upgrade $ apt install git $ apt install python2 $ apt install python $ git clone https://github.com/hahwul/ a2... (github-poc-repo)
- A2SV = Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SPDY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN Installation : $ apt update && apt upgrade $ apt install git $ apt install python2 $ apt install python $ git clone https://github.com/hahwul/ a2... (github-poc-repo)
- A2SV = Auto Scanning to SSL Vulnerability HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc Support Vulnerability [CVE-2007-1858] Anonymous Cipher [CVE-2012-4929] CRIME(SPDY) [CVE-2014-0160] CCS Injection [CVE-2014-0224] HeartBleed [CVE-2014-3566] SSLv3 POODLE [CVE-2015-0204] FREAK Attack [CVE-2015-4000] LOGJAM Attack [CVE-2016-0800] SSLv2 DROWN Installation : $ apt update && apt upgrade $ apt install git $ apt install python2 $ apt install python $ git clone https://github.com/hahwul/ a2... (github-poc-repo)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog (redhat)
- ✨ HAProxy ve Keepalived konusunu load balancer ve cluster'a ek olarak güvenlik(zayıf SSL/Kripto Kullanımı (LOGJAM) (CVE-2015-4000) zafiyeti önlemi) ve yüksek yüklere karşı ele alır. (github-poc)
- https://bugzilla.redhat.com/show_bug.cgi?id=1243290 (circl)
- https://bugzilla.redhat.com/show_bug.cgi?id=1241965 (circl)
…and 36 more exploits
Timeline
- Jul 22, 2015 CVE Published
- Apr 30, 2017 PoC Published
- Nov 14, 2024 CVE Updated
- Apr 11, 2025 PoC Published
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Distribution Patch
- Apr 3, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2015:1485 advisory
- https://access.redhat.com/security/updates/classification/#critical url
- http://www.ibm.com/developerworks/java/jdk/alerts/ url
- https://bugzilla.redhat.com/show_bug.cgi?id=1223211#c33 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1223211 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1241965 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1242019 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1242234 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1242240 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1242275 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1242281 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1242372 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1242379 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1242394 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1242447 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1242456 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1243139 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1243283 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1243284 url
- https://bugzilla.redhat.com/show_bug.cgi?id=1243286 url
…and 5 more