10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.049 Low
EPSS
Percentile
92.7%
Update the bundled version of java to a version >= 1.8u71 (1.8 update 71), which fixes many security issues (http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA).
Included in the security fixes is a fix for CVE-2016-0483 “An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to crash or, possibly execute arbitrary code. An untrusted Java application or applet could use this flaw to bypass Java sandbox restrictions”.
Edit: updating to latest - 1.8.0_74
CPE | Name | Operator | Version |
---|---|---|---|
confluence data center | le | 5.9.4 | |
confluence data center | lt | 5.9.5 |