CVE-2016-0475

Published on: 01/20/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:13 PM UTC

AV:N/AC:M/Au:N/C:P/I:P/A:N

Certain versions of Jdk from Oracle contain the following vulnerability:

Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.

CVSS2 Score: 5.8 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL NONE

CVE References

Description Tags Link
Oracle JRE/JDK: Multiple vulnerabilities (GLSA 201610-08) — Gentoo Security security.gentoo.org
text/html
URL Logo GENTOO GLSA-201610-08
Red Hat Customer Portal web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:0050
Red Hat Customer Portal web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:0055
[security-announce] SUSE-SU-2016:0256-1: critical: Security update for j lists.opensuse.org
text/html
URL Logo SUSE SUSE-SU-2016:0256
McAfee KnowledgeBase - Intel Security - Security Bulletin: ePolicy Orchestrator update fixes multiple Oracle Java vulnerabilities kc.mcafee.com
text/html
URL Logo CONFIRM kc.mcafee.com/corporate/index?page=content&id=SB10148
Oracle Linux Bulletin - January 2016 www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Oracle Java SE Multiple Flaws Let Local and Remote Users Gain Elevated Privileges, Access and Modify Data, and Deny Service - SecurityTracker Third Party Advisory
VDB Entry
www.securitytracker.com
text/html
URL Logo SECTRACK 1034715
Red Hat Customer Portal web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:0049
Oracle Critical Patch Update - January 2016 Vendor Advisory
www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationOracleJdk1.8.0update66AllAll
ApplicationOracleJdk1.8.0update66AllAll
ApplicationOracleJre1.8.0update_66AllAll
ApplicationOracleJre1.8.0update_66AllAll
ApplicationOracleJrockitr28.3.8AllAllAll
ApplicationOracleJrockitr28.3.8AllAllAll
  • cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:jre:1.8.0:update_66:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:jre:1.8.0:update_66:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:jrockit:r28.3.8:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:jrockit:r28.3.8:*:*:*:*:*:*:*: