10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.048 Low
EPSS
Percentile
91.9%
Update the bundled version of java to a version >= 1.8u71 (1.8 update 71), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA).
Included in the security fixes is a fix for CVE-2016-0483 “An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions”.
CPE | Name | Operator | Version |
---|---|---|---|
jira server and data center | le | 7.0.9 | |
jira server and data center | lt | 7.1.2 |