CVE-2015-4842: Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to
infovulnerability
security
Summary
CVE-2015-4842 is a vulnerability in Oracle Java SE versions 6u101, 7u85, 8u60, and Java SE Embedded 8u51 that affects confidentiality (the protection of information from unauthorized access) through JAXP (Java API for XML Processing). The vulnerability can only be exploited in sandboxed Java Web Start applications and sandboxed Java applets (small programs run through a web browser in a restricted environment), making it limited to client-side Java deployments.
Vulnerability Details
CVSS Score
5
EPSS (30-day exploit probability)
EPSS: 3.1%
Classification
Attack SophisticationModerate
Impact (CIA+S)
confidentiality
Original source: https://nvd.nist.gov/vuln/detail/CVE-2015-4842
First tracked: February 15, 2026 at 08:43 PM
Classified by LLM (prompt v3) · confidence: 95%