[email protected]NVD:CVE-2016-3587

HistoryJul 21, 2016 - 10:14 a.m.

CVE-2016-3587

2016-07-2110:14:26

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

9.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

AI Score

8.4

Confidence

High

EPSS

0.012

Percentile

85.5%

JSON

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

Affected configurations

Nvd

Node

oraclelinuxMatch6

oraclelinuxMatch7

Node

oraclejdkMatch1.8.0update91

oraclejdkMatch1.8.0update92

oraclejreMatch1.8.0update91

oraclejreMatch1.8.0update92

VendorProductVersionCPE
oraclelinux6cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*
oraclelinux7cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update91:*:*:*:*:*:*
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update91:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update92:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	linux	6	cpe:2.3:o:oracle:linux:6:::::::*
oracle	linux	7	cpe:2.3:o:oracle:linux:7:::::::*
oracle	jdk	1.8.0	cpe:2.3:a:oracle:jdk:1.8.0:update91::::::
oracle	jdk	1.8.0	cpe:2.3:a:oracle:jdk:1.8.0:update92::::::
oracle	jre	1.8.0	cpe:2.3:a:oracle:jre:1.8.0:update91::::::
oracle	jre	1.8.0	cpe:2.3:a:oracle:jre:1.8.0:update92::::::