CVE-2006-0615

Name: CVE-2006-0615
Creator: NVD / NIST
Published: 2006-02-09T02:02:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 5.33%

Last modified Jun 16, 2026

CVE-2006-0615 is a vulnerability of currently unknown severity. Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues.". EPSS estimates a 5.33% chance of exploitation in the next 30 days.

Description

Multiple unspecified vulnerabilities in Sun Java JDK and JRE 5.0 Update 4 and earlier, SDK and JRE 1.4.x through 1.4.2_09 allow remote attackers to bypass Java sandbox security and obtain privileges via unspecified vectors involving the reflection APIs, aka the "second and third issues."

Metrics

EPSS Probability

5.33%

91.6th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Sun	Jdk	1.5.0
Sun	Jre	1.4.2
Sun	Jre	1.4.2_1
Sun	Jre	1.4.2_2
Sun	Jre	1.4.2_3
Sun	Jre	1.4.2_4
Sun	Jre	1.4.2_5
Sun	Jre	1.4.2_6
Sun	Jre	1.4.2_7
Sun	Jre	1.4.2_8
Sun	Jre	1.4.2_9
Sun	Jre	1.5.0
Sun	Sdk	1.4.2
Sun	Sdk	1.4.2_1
Sun	Sdk	1.4.2_2
Sun	Sdk	1.4.2_3
Sun	Sdk	1.4.2_4
Sun	Sdk	1.4.2_5
Sun	Sdk	1.4.2_6
Sun	Sdk	1.4.2_7
Sun	Sdk	1.4.2_8
Sun	Sdk	1.4.2_9

References

http://docs.info.apple.com/article.html?artnum=303658Broken Link
http://secunia.com/advisories/18760Patch, Third Party Advisory
http://secunia.com/advisories/18884Third Party Advisory
http://securitytracker.com/id?1015596Third Party Advisory, VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102171-1Broken Link, Patch
http://www.gentoo.org/security/en/glsa/glsa-200602-07.xmlThird Party Advisory
http://www.kb.cert.org/vuls/id/759996Third Party Advisory, US Government Resource
http://www.vupen.com/english/advisories/2006/0467Permissions Required
http://www.vupen.com/english/advisories/2006/0828Permissions Required
http://www.vupen.com/english/advisories/2006/1398Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/24561Third Party Advisory, VDB Entry
http://docs.info.apple.com/article.html?artnum=303658Broken Link
http://secunia.com/advisories/18760Patch, Third Party Advisory
http://secunia.com/advisories/18884Third Party Advisory
http://securitytracker.com/id?1015596Third Party Advisory, VDB Entry
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102171-1Broken Link, Patch
http://www.gentoo.org/security/en/glsa/glsa-200602-07.xmlThird Party Advisory
http://www.kb.cert.org/vuls/id/759996Third Party Advisory, US Government Resource
http://www.vupen.com/english/advisories/2006/0467Permissions Required
http://www.vupen.com/english/advisories/2006/0828Permissions Required
http://www.vupen.com/english/advisories/2006/1398Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/24561Third Party Advisory, VDB Entry

Timeline

Published: Feb 9, 2006
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2006-0615?

How severe is CVE-2006-0615?

Severity scoring for CVE-2006-0615 is pending analysis. The EPSS model estimates a 5.33% probability of exploitation in the next 30 days.

How do I fix CVE-2006-0615?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2006-0615?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST