CVE-2015-2590
CRITICAL KEVOracle Java SE <6u95, 7u80, 8u45 - Info Disclosure
Title source: llmExploitation Summary
CVE-2015-2590 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added March 3, 2022.
Description
Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2015-4732.
References (26)
Core 26
Core References
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1243.html
Patch, Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75818
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1229.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1526.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1485.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1544.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1228.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3316
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1486.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3339
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1242.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1488.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1241.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1230.html
Third Party Advisory vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1604.html
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1032910
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2706-1
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201603-11
Third Party Advisory vendor-advisory
x_refsource_gentoo
https://security.gentoo.org/glsa/201603-14
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2696-1
Third Party Advisory, US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-2590
Scores
CVSS v3
9.8
EPSS
0.6662
EPSS Percentile
98.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
yes
Technical Impact
total
Details
CISA KEV
2022-03-03
VulnCheck KEV
2015-07-14
InTheWild.io
2015-07-14
ENISA EUVD
EUVD-2015-2682
Status
published
Products (40)
canonical/ubuntu_linux
12.04
canonical/ubuntu_linux
14.04
canonical/ubuntu_linux
15.04
debian/debian_linux
7.0
debian/debian_linux
8.0
opensuse/opensuse
13.1
opensuse/opensuse
13.2
oracle/jdk
1.6.0 update95
oracle/jdk
1.7.0 update75 (2 CPE variants)
oracle/jdk
1.8.0 update_33 (3 CPE variants)
... and 30 more
Published
Jul 16, 2015
KEV Added
Mar 03, 2022
Tracked Since
Feb 18, 2026