Lucene search

[email protected]NVD:CVE-2016-3606

HistoryJul 21, 2016 - 10:14 a.m.

CVE-2016-3606

2016-07-2110:14:39

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.6%

JSON

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

Affected configurations

NVD

Node

oraclelinuxMatch5.0

oraclelinuxMatch6.0

oraclelinuxMatch7.0

Node

oraclejdkMatch1.7.0update101

oraclejdkMatch1.8.0update91

oraclejdkMatch1.8.0update92

oraclejreMatch1.7.0update101

oraclejreMatch1.8.0update91

oraclejreMatch1.8.0update92

References

lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html

lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html

lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html

lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html

lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html

lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html

lists.opensuse.org/opensuse-updates/2016-08/msg00028.html

rhn.redhat.com/errata/RHSA-2016-1504.html

rhn.redhat.com/errata/RHSA-2016-1776.html

www.debian.org/security/2016/dsa-3641

www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

www.securityfocus.com/bid/91787

www.securityfocus.com/bid/91912

www.securitytracker.com/id/1036365

www.ubuntu.com/usn/USN-3043-1

www.ubuntu.com/usn/USN-3062-1

www.ubuntu.com/usn/USN-3077-1

access.redhat.com/errata/RHSA-2016:1458

access.redhat.com/errata/RHSA-2016:1475

access.redhat.com/errata/RHSA-2016:1476

security.gentoo.org/glsa/201610-08

security.gentoo.org/glsa/201701-43

security.netapp.com/advisory/ntap-20160721-0001/

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

9.6 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

8.5 High

AI Score

Confidence

High

0.009 Low

EPSS

Percentile

82.6%

JSON

Related for NVD:CVE-2016-3606

zdi1 cve1 debiancve1 veracode1 redhatcve1 ubuntucve1 prion1 cvelist1 openvas30 nessus37 oraclelinux3 centos3 redhat5 debian2 ibm14 amazon3 ubuntu3 archlinux3 osv1 mageia1 f52 suse6 kaspersky1 gentoo2 oracle1