Attacker Value
Unknown
CVE-2015-4902
Attacker Value
Unknown
(1 user assessed)
Exploitability
Unknown
(1 user assessed)User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60 allows remote attackers to affect integrity via unknown vectors related to Deployment.
Add Assessment
1
Technical Analysis
Reported as exploited in the wild as part of Google’s 2020 0day vulnerability spreadsheet they made available at https://docs.google.com/spreadsheets/d/1lkNJ0uQwbeC1ZTRrxdtuPLCIl7mlUreoKfSIgajnSyY/edit#gid=1869060786. Original tweet announcing this spreadsheet with the 2020 findings can be found at https://twitter.com/maddiestone/status/1329837665378725888
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown
General Information
Products
- enterprise linux desktop 5.0
- enterprise linux desktop 6.0
- enterprise linux desktop 7.0
- enterprise linux eus 6.7
- enterprise linux eus 7.2
- enterprise linux eus 7.3
- enterprise linux eus 7.4
- enterprise linux eus 7.5
- enterprise linux eus compute node 7.2
- enterprise linux eus compute node 7.3
- enterprise linux for ibm z systems 5.0 s390x
- enterprise linux for ibm z systems 6.0 s390x
- enterprise linux for ibm z systems 7.0 s390x
- enterprise linux for ibm z systems eus 6.7 s390x
- enterprise linux for ibm z systems eus 7.2 s390x
- enterprise linux for ibm z systems eus 7.3 s390x
- enterprise linux for ibm z systems eus 7.4 s390x
- enterprise linux for ibm z systems eus 7.5 s390x
- enterprise linux for power big endian 5.0 ppc
- enterprise linux for power big endian 6.0 ppc64
- enterprise linux for power big endian 7.0 ppc64
- enterprise linux for power big endian eus 6.7 ppc64
- enterprise linux for power big endian eus 7.2 ppc64
- enterprise linux for power big endian eus 7.3 ppc64
- enterprise linux for power big endian eus 7.4 ppc64
- enterprise linux for power big endian eus 7.5 ppc64
- enterprise linux for power little endian 7.0 ppc64le
- enterprise linux for power little endian eus 7.2 ppc64le
- enterprise linux for power little endian eus 7.3 ppc64le
- enterprise linux for power little endian eus 7.4 ppc64le
- enterprise linux for power little endian eus 7.5 ppc64le
- enterprise linux for scientific computing 6.0
- enterprise linux for scientific computing 7.0
- enterprise linux server 5.0
- enterprise linux server 6.0
- enterprise linux server 7.0
- enterprise linux server from rhui 5.0
- enterprise linux server from rhui 6.0
- enterprise linux server from rhui 7.0
- enterprise linux workstation 5.0
- enterprise linux workstation 6.0
- enterprise linux workstation 7.0
- jdk 1.6.0
- jdk 1.7.0
- jdk 1.8.0
- jre 1.6.0
- jre 1.7.0
- jre 1.8.0
- leap 42.1
- linux enterprise module for legacy 12
- linux enterprise server 10
- linux enterprise server 11
- linux enterprise server 12
- linux enterprise software development kit 11
- linux enterprise software development kit 12
- opensuse 13.2
- satellite 5.6
- satellite 5.7
Exploited in the Wild
References
Advisory
