漏洞关键信息 CVE编号: CVE-2015-0395 CVSS 2.0 Base Score: 9.3 - Access Vector: Network - Access Complexity: Low - Confidentiality Impact: High - Integrity Impact: High - Availability Impact: High CVSS 2.0 Temporal Score: 6.9 - Exploitability: Unproven - Remediation Level: Official Fix - Report Confidence: Confirmed Consequences: Gain Access Remedy: Refer to Oracle Critical Patch Update Advisory - January 2015 for patch, upgrade or suggested workaround information. See References. For IBM products: Refer to the appropriate IBM Security Bulletin for patch, upgrade or suggested workaround information. See References. For other distributions: Apply the appropriate update for your system. Affected Products: - Oracle JDK 1.8.0 Update25 - Oracle JRE 1.8.0 Update25 - Oracle JDK 1.7.0 Update72 - Oracle JRE 1.7.0 Update72 Dependent Products: - IBM CICS Transaction Gateway 7.2 - IBM CICS Transaction Gateway 8.0 - IBM CICS Transaction Gateway 8.1 - IBM CICS Transaction Gateway 9.0 References: - BID-72142 - CVE-2015-0395 - RHSA-2015-0085 - RHSA-2015-0067