Vulnerability-Lookup

CVE-2016-3606 (GCVE-0-2016-3606)

Vulnerability from cvelistv5 – Published: 2016-07-21 10:00 – Updated: 2024-10-11 20:41

Summary

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

Severity ?

No CVSS data available.

CWE

Assigner

oracle

References

URL

Tags

	http://www.ubuntu.com/usn/USN-3043-1	vendor-advisoryx_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/security-adviso…	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201610-08	vendor-advisoryx_refsource_GENTOO
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3641	vendor-advisoryx_refsource_DEBIAN
	https://security.netapp.com/advisory/ntap-2016072…	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2016:1475	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id/1036365	vdb-entryx_refsource_SECTRACK
	https://security.gentoo.org/glsa/201701-43	vendor-advisoryx_refsource_GENTOO
	http://www.securityfocus.com/bid/91912	vdb-entryx_refsource_BID
	http://www.ubuntu.com/usn/USN-3062-1	vendor-advisoryx_refsource_UBUNTU
	http://www.securityfocus.com/bid/91787	vdb-entryx_refsource_BID
	https://access.redhat.com/errata/RHSA-2016:1476	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2016:1458	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://lists.opensuse.org/opensuse-updates/2016-0…	vendor-advisoryx_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3077-1	vendor-advisoryx_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-1776.html	vendor-advisoryx_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-1504.html	vendor-advisoryx_refsource_REDHAT

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T00:03:34.419Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "USN-3043-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3043-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "name": "GLSA-201610-08",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201610-08"
          },
          {
            "name": "SUSE-SU-2016:2012",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
          },
          {
            "name": "openSUSE-SU-2016:2052",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
          },
          {
            "name": "DSA-3641",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3641"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
          },
          {
            "name": "RHSA-2016:1475",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1475"
          },
          {
            "name": "openSUSE-SU-2016:2051",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
          },
          {
            "name": "1036365",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1036365"
          },
          {
            "name": "GLSA-201701-43",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201701-43"
          },
          {
            "name": "91912",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91912"
          },
          {
            "name": "USN-3062-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3062-1"
          },
          {
            "name": "91787",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "name": "RHSA-2016:1476",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1476"
          },
          {
            "name": "SUSE-SU-2016:1997",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
          },
          {
            "name": "RHSA-2016:1458",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2016:1458"
          },
          {
            "name": "openSUSE-SU-2016:2050",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
          },
          {
            "name": "openSUSE-SU-2016:1979",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
          },
          {
            "name": "USN-3077-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-3077-1"
          },
          {
            "name": "RHSA-2016:1776",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
          },
          {
            "name": "openSUSE-SU-2016:2058",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
          },
          {
            "name": "RHSA-2016:1504",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2016-3606",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-11T19:52:52.729831Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-11T20:41:04.274Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-07-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-11-09T10:57:01.000Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "USN-3043-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3043-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
        },
        {
          "name": "GLSA-201610-08",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201610-08"
        },
        {
          "name": "SUSE-SU-2016:2012",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
        },
        {
          "name": "openSUSE-SU-2016:2052",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
        },
        {
          "name": "DSA-3641",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3641"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
        },
        {
          "name": "RHSA-2016:1475",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1475"
        },
        {
          "name": "openSUSE-SU-2016:2051",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
        },
        {
          "name": "1036365",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1036365"
        },
        {
          "name": "GLSA-201701-43",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201701-43"
        },
        {
          "name": "91912",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91912"
        },
        {
          "name": "USN-3062-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3062-1"
        },
        {
          "name": "91787",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/91787"
        },
        {
          "name": "RHSA-2016:1476",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1476"
        },
        {
          "name": "SUSE-SU-2016:1997",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
        },
        {
          "name": "RHSA-2016:1458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2016:1458"
        },
        {
          "name": "openSUSE-SU-2016:2050",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
        },
        {
          "name": "openSUSE-SU-2016:1979",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
        },
        {
          "name": "USN-3077-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-3077-1"
        },
        {
          "name": "RHSA-2016:1776",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
        },
        {
          "name": "openSUSE-SU-2016:2058",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
        },
        {
          "name": "RHSA-2016:1504",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2016-3606",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "USN-3043-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3043-1"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
            },
            {
              "name": "GLSA-201610-08",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201610-08"
            },
            {
              "name": "SUSE-SU-2016:2012",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
            },
            {
              "name": "openSUSE-SU-2016:2052",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
            },
            {
              "name": "DSA-3641",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3641"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20160721-0001/",
              "refsource": "CONFIRM",
              "url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
            },
            {
              "name": "RHSA-2016:1475",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1475"
            },
            {
              "name": "openSUSE-SU-2016:2051",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
            },
            {
              "name": "1036365",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1036365"
            },
            {
              "name": "GLSA-201701-43",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201701-43"
            },
            {
              "name": "91912",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91912"
            },
            {
              "name": "USN-3062-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3062-1"
            },
            {
              "name": "91787",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/91787"
            },
            {
              "name": "RHSA-2016:1476",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1476"
            },
            {
              "name": "SUSE-SU-2016:1997",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
            },
            {
              "name": "RHSA-2016:1458",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2016:1458"
            },
            {
              "name": "openSUSE-SU-2016:2050",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
            },
            {
              "name": "openSUSE-SU-2016:1979",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
            },
            {
              "name": "USN-3077-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-3077-1"
            },
            {
              "name": "RHSA-2016:1776",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
            },
            {
              "name": "openSUSE-SU-2016:2058",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
            },
            {
              "name": "RHSA-2016:1504",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2016-3606",
    "datePublished": "2016-07-21T10:00:00.000Z",
    "dateReserved": "2016-03-17T00:00:00.000Z",
    "dateUpdated": "2024-10-11T20:41:04.274Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.ubuntu.com/usn/USN-3043-1\", \"name\": \"USN-3043-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201610-08\", \"name\": \"GLSA-201610-08\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html\", \"name\": \"SUSE-SU-2016:2012\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html\", \"name\": \"openSUSE-SU-2016:2052\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.debian.org/security/2016/dsa-3641\", \"name\": \"DSA-3641\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20160721-0001/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1475\", \"name\": \"RHSA-2016:1475\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html\", \"name\": \"openSUSE-SU-2016:2051\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1036365\", \"name\": \"1036365\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/201701-43\", \"name\": \"GLSA-201701-43\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/91912\", \"name\": \"91912\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-3062-1\", \"name\": \"USN-3062-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/91787\", \"name\": \"91787\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1476\", \"name\": \"RHSA-2016:1476\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html\", \"name\": \"SUSE-SU-2016:1997\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1458\", \"name\": \"RHSA-2016:1458\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html\", \"name\": \"openSUSE-SU-2016:2050\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html\", \"name\": \"openSUSE-SU-2016:1979\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-3077-1\", \"name\": \"USN-3077-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1776.html\", \"name\": \"RHSA-2016:1776\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html\", \"name\": \"openSUSE-SU-2016:2058\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1504.html\", \"name\": \"RHSA-2016:1504\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T00:03:34.419Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2016-3606\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-11T19:52:52.729831Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-11T19:53:22.672Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2016-07-19T00:00:00.000Z\", \"references\": [{\"url\": \"http://www.ubuntu.com/usn/USN-3043-1\", \"name\": \"USN-3043-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://security.gentoo.org/glsa/201610-08\", \"name\": \"GLSA-201610-08\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html\", \"name\": \"SUSE-SU-2016:2012\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html\", \"name\": \"openSUSE-SU-2016:2052\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.debian.org/security/2016/dsa-3641\", \"name\": \"DSA-3641\", \"tags\": [\"vendor-advisory\", \"x_refsource_DEBIAN\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20160721-0001/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1475\", \"name\": \"RHSA-2016:1475\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html\", \"name\": \"openSUSE-SU-2016:2051\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.securitytracker.com/id/1036365\", \"name\": \"1036365\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://security.gentoo.org/glsa/201701-43\", \"name\": \"GLSA-201701-43\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://www.securityfocus.com/bid/91912\", \"name\": \"91912\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-3062-1\", \"name\": \"USN-3062-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://www.securityfocus.com/bid/91787\", \"name\": \"91787\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1476\", \"name\": \"RHSA-2016:1476\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html\", \"name\": \"SUSE-SU-2016:1997\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1458\", \"name\": \"RHSA-2016:1458\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html\", \"name\": \"openSUSE-SU-2016:2050\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html\", \"name\": \"openSUSE-SU-2016:1979\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://www.ubuntu.com/usn/USN-3077-1\", \"name\": \"USN-3077-1\", \"tags\": [\"vendor-advisory\", \"x_refsource_UBUNTU\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1776.html\", \"name\": \"RHSA-2016:1776\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html\", \"name\": \"openSUSE-SU-2016:2058\", \"tags\": [\"vendor-advisory\", \"x_refsource_SUSE\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1504.html\", \"name\": \"RHSA-2016:1504\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2017-11-09T10:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://www.ubuntu.com/usn/USN-3043-1\", \"name\": \"USN-3043-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://security.gentoo.org/glsa/201610-08\", \"name\": \"GLSA-201610-08\", \"refsource\": \"GENTOO\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html\", \"name\": \"SUSE-SU-2016:2012\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html\", \"name\": \"openSUSE-SU-2016:2052\", \"refsource\": \"SUSE\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3641\", \"name\": \"DSA-3641\", \"refsource\": \"DEBIAN\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20160721-0001/\", \"name\": \"https://security.netapp.com/advisory/ntap-20160721-0001/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1475\", \"name\": \"RHSA-2016:1475\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html\", \"name\": \"openSUSE-SU-2016:2051\", \"refsource\": \"SUSE\"}, {\"url\": \"http://www.securitytracker.com/id/1036365\", \"name\": \"1036365\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://security.gentoo.org/glsa/201701-43\", \"name\": \"GLSA-201701-43\", \"refsource\": \"GENTOO\"}, {\"url\": \"http://www.securityfocus.com/bid/91912\", \"name\": \"91912\", \"refsource\": \"BID\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3062-1\", \"name\": \"USN-3062-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://www.securityfocus.com/bid/91787\", \"name\": \"91787\", \"refsource\": \"BID\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1476\", \"name\": \"RHSA-2016:1476\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html\", \"name\": \"SUSE-SU-2016:1997\", \"refsource\": \"SUSE\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2016:1458\", \"name\": \"RHSA-2016:1458\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html\", \"name\": \"openSUSE-SU-2016:2050\", \"refsource\": \"SUSE\"}, {\"url\": \"http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html\", \"name\": \"openSUSE-SU-2016:1979\", \"refsource\": \"SUSE\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3077-1\", \"name\": \"USN-3077-1\", \"refsource\": \"UBUNTU\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1776.html\", \"name\": \"RHSA-2016:1776\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html\", \"name\": \"openSUSE-SU-2016:2058\", \"refsource\": \"SUSE\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1504.html\", \"name\": \"RHSA-2016:1504\", \"refsource\": \"REDHAT\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2016-3606\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2016-3606\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-11T20:41:04.274Z\", \"dateReserved\": \"2016-03-17T00:00:00.000Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2016-07-21T10:00:00.000Z\", \"assignerShortName\": \"oracle\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTFR-2016-AVI-243

Vulnerability from certfr_avis - Published: 2016-07-20 - Updated: 2016-07-20

De multiples vulnérabilités ont été corrigées dans Oracle Java SE. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Oracle	Java SE	Oracle JRockit version R28.3.10
Oracle	Java SE	Oracle Java SE version 7u101
Oracle	Java SE	Oracle Java SE Embedded version 8u91
Oracle	Java SE	Oracle Java SE version 8u92
Oracle	Java SE	Oracle Java SE version 6u115

References

Title

Publication Time

CNVD-2016-05363

Vulnerability from cnvd - Published: 2016-07-26

Title

Oracle Java SE远程代码执行漏洞（CNVD-2016-05363）

Description

Oracle Java SE是美国甲骨文（Oracle）公司的一套标准版Java平台，用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。 Oracle Java SE中的Hotspot子组件存在安全漏洞。远程攻击者可利用该漏洞执行任意代码，影响数据的保密性、完整性及可用性。

Severity

高

Patch Name

Oracle Java SE远程代码执行漏洞（CNVD-2016-05363）的补丁

Patch Description

Oracle Java SE是美国甲骨文（Oracle）公司的一套标准版Java平台，用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。 Oracle Java SE中的Hotspot子组件存在安全漏洞。远程攻击者可利用该漏洞执行任意代码，影响数据的保密性、完整性及可用性。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixDB

Reference

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixDB

Impacted products

Name
['Oracle Java SE 7u101', 'Oracle Java SE 8u92', 'Oracle Java SE Embedded 8u91']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "91912"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-3606"
    }
  },
  "description": "Oracle Java SE\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u6807\u51c6\u7248Java\u5e73\u53f0\uff0c\u7528\u4e8e\u5f00\u53d1\u548c\u90e8\u7f72\u684c\u9762\u3001\u670d\u52a1\u5668\u4ee5\u53ca\u5d4c\u5165\u8bbe\u5907\u548c\u5b9e\u65f6\u73af\u5883\u4e2d\u7684Java\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nOracle Java SE\u4e2d\u7684Hotspot\u5b50\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u5f71\u54cd\u6570\u636e\u7684\u4fdd\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u53ca\u53ef\u7528\u6027\u3002",
  "discovererName": "Oracle",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttp://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixDB",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-05363",
  "openTime": "2016-07-26",
  "patchDescription": "Oracle Java SE\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u6807\u51c6\u7248Java\u5e73\u53f0\uff0c\u7528\u4e8e\u5f00\u53d1\u548c\u90e8\u7f72\u684c\u9762\u3001\u670d\u52a1\u5668\u4ee5\u53ca\u5d4c\u5165\u8bbe\u5907\u548c\u5b9e\u65f6\u73af\u5883\u4e2d\u7684Java\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nOracle Java SE\u4e2d\u7684Hotspot\u5b50\u7ec4\u4ef6\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u6267\u884c\u4efb\u610f\u4ee3\u7801\uff0c\u5f71\u54cd\u6570\u636e\u7684\u4fdd\u5bc6\u6027\u3001\u5b8c\u6574\u6027\u53ca\u53ef\u7528\u6027\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Oracle Java SE\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2016-05363\uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Oracle Java SE 7u101",
      "Oracle Java SE 8u92",
      "Oracle Java SE Embedded 8u91"
    ]
  },
  "referenceLink": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixDB",
  "serverity": "\u9ad8",
  "submitTime": "2016-07-21",
  "title": "Oracle Java SE\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff08CNVD-2016-05363\uff09"
}

GHSA-C3FP-G88J-7H59

Vulnerability from github – Published: 2022-05-13 01:17 – Updated: 2025-04-12 13:02

Details

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

Severity ?

9.6 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-3606"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2016-07-21T10:14:00Z",
    "severity": "CRITICAL"
  },
  "details": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.",
  "id": "GHSA-c3fp-g88j-7h59",
  "modified": "2025-04-12T13:02:38Z",
  "published": "2022-05-13T01:17:06Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3606"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2016:1458"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2016:1475"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2016:1476"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201610-08"
    },
    {
      "type": "WEB",
      "url": "https://security.gentoo.org/glsa/201701-43"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20160721-0001"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2016/dsa-3641"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91787"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/91912"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1036365"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-3043-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-3062-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-3077-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2016-3606

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

Aliases

CVE-2016-3606

Aliases

CVE-2016-3606

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-3606",
    "description": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.",
    "id": "GSD-2016-3606",
    "references": [
      "https://www.suse.com/security/cve/CVE-2016-3606.html",
      "https://www.debian.org/security/2016/dsa-3641",
      "https://access.redhat.com/errata/RHSA-2016:1776",
      "https://access.redhat.com/errata/RHSA-2016:1504",
      "https://access.redhat.com/errata/RHSA-2016:1476",
      "https://access.redhat.com/errata/RHSA-2016:1475",
      "https://access.redhat.com/errata/RHSA-2016:1458",
      "https://ubuntu.com/security/CVE-2016-3606",
      "https://advisories.mageia.org/CVE-2016-3606.html",
      "https://alas.aws.amazon.com/cve/html/CVE-2016-3606.html",
      "https://linux.oracle.com/cve/CVE-2016-3606.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-3606"
      ],
      "details": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.",
      "id": "GSD-2016-3606",
      "modified": "2023-12-13T01:21:27.465979Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2016-3606",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "USN-3043-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-3043-1"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
          },
          {
            "name": "GLSA-201610-08",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201610-08"
          },
          {
            "name": "SUSE-SU-2016:2012",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
          },
          {
            "name": "openSUSE-SU-2016:2052",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
          },
          {
            "name": "DSA-3641",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2016/dsa-3641"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20160721-0001/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
          },
          {
            "name": "RHSA-2016:1475",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2016:1475"
          },
          {
            "name": "openSUSE-SU-2016:2051",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
          },
          {
            "name": "1036365",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1036365"
          },
          {
            "name": "GLSA-201701-43",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201701-43"
          },
          {
            "name": "91912",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/91912"
          },
          {
            "name": "USN-3062-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-3062-1"
          },
          {
            "name": "91787",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/91787"
          },
          {
            "name": "RHSA-2016:1476",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2016:1476"
          },
          {
            "name": "SUSE-SU-2016:1997",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
          },
          {
            "name": "RHSA-2016:1458",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2016:1458"
          },
          {
            "name": "openSUSE-SU-2016:2050",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
          },
          {
            "name": "openSUSE-SU-2016:1979",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
          },
          {
            "name": "USN-3077-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-3077-1"
          },
          {
            "name": "RHSA-2016:1776",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
          },
          {
            "name": "openSUSE-SU-2016:2058",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
          },
          {
            "name": "RHSA-2016:1504",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:linux:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:linux:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:linux:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:update91:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update101:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:update92:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update101:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:jre:1.8.0:update91:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2016-3606"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
            },
            {
              "name": "91787",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/91787"
            },
            {
              "name": "91912",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/91912"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
            },
            {
              "name": "RHSA-2016:1504",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
            },
            {
              "name": "openSUSE-SU-2016:2052",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
            },
            {
              "name": "DSA-3641",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2016/dsa-3641"
            },
            {
              "name": "openSUSE-SU-2016:2051",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
            },
            {
              "name": "openSUSE-SU-2016:2058",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
            },
            {
              "name": "SUSE-SU-2016:1997",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
            },
            {
              "name": "openSUSE-SU-2016:2050",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
            },
            {
              "name": "RHSA-2016:1476",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2016:1476"
            },
            {
              "name": "RHSA-2016:1776",
              "refsource": "REDHAT",
              "tags": [],
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
            },
            {
              "name": "SUSE-SU-2016:2012",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
            },
            {
              "name": "USN-3077-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-3077-1"
            },
            {
              "name": "USN-3043-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-3043-1"
            },
            {
              "name": "RHSA-2016:1475",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2016:1475"
            },
            {
              "name": "USN-3062-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-3062-1"
            },
            {
              "name": "RHSA-2016:1458",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2016:1458"
            },
            {
              "name": "openSUSE-SU-2016:1979",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
            },
            {
              "name": "GLSA-201701-43",
              "refsource": "GENTOO",
              "tags": [],
              "url": "https://security.gentoo.org/glsa/201701-43"
            },
            {
              "name": "GLSA-201610-08",
              "refsource": "GENTOO",
              "tags": [],
              "url": "https://security.gentoo.org/glsa/201610-08"
            },
            {
              "name": "1036365",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1036365"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20160721-0001/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 6.8,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 6.0
        }
      },
      "lastModifiedDate": "2022-05-13T14:57Z",
      "publishedDate": "2016-07-21T10:14Z"
    }
  }
}

CVE-2016-3606

Vulnerability from fstec - Published: 21.07.2016

Title

Уязвимость программной платформы Java Platform, позволяющая нарушителю повлиять на конфиденциальность, целостность и доступность информации

Description

Уязвимость программной платформы Java Platform связана с ошибками в коде. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, повлиять на конфиденциальность, целостность и доступность информации путём воздействия, связанного с Hotspot

Severity ?

Vendor

Oracle Corp.

Software Name

Java Platform

Software Version

8u92 SE (Java Platform), 2u91 SE Embedded (Java Platform), 7u101 (Java Platform)

Possible Mitigations

Использование рекомендаций произволителя: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Reference

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

CWE

CWE-17

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
  "CVSS 3.0": null,
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Oracle Corp.",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "8u92 SE (Java Platform), 2u91 SE Embedded (Java Platform), 7u101 (Java Platform)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u0438\u0442\u0435\u043b\u044f:\nhttp://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "21.07.2016",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "07.09.2016",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2016-02039",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2016-3606",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Java Platform",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 64-bit, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . 32-bit, Apple Inc. MacOS . PowerPC, \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux . PowerPC, Apple Inc. MacOS . 64-bit, Apple Inc. MacOS . 32-bit, Microsoft Corp Windows - 64-bit, Microsoft Corp Windows - 32-bit, Oracle Corp. Solaris . 64-bit, Oracle Corp. Solaris . 32-bit, Oracle Corp. Solaris . PowerPC",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Java Platform, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041a\u043e\u0434 (CWE-17)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Java Platform \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0432 \u043a\u043e\u0434\u0435. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043f\u043e\u0432\u043b\u0438\u044f\u0442\u044c \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c, \u0446\u0435\u043b\u043e\u0441\u0442\u043d\u043e\u0441\u0442\u044c \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043f\u0443\u0442\u0451\u043c \u0432\u043e\u0437\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0433\u043e \u0441 Hotspot",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0417\u043b\u043e\u0443\u043f\u043e\u0442\u0440\u0435\u0431\u043b\u0435\u043d\u0438\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u043e\u043c",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438/\u041f\u041e \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e-\u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0433\u043e \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-17",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,3)"
}

FKIE_CVE-2016-3606

Vulnerability from fkie_nvd - Published: 2016-07-21 10:14 - Updated: 2025-04-12 10:46

Severity ?

9.6 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Summary

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

References

URL	Tags
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html
secalert_us@oracle.com	http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2016-1504.html
secalert_us@oracle.com	http://rhn.redhat.com/errata/RHSA-2016-1776.html
secalert_us@oracle.com	http://www.debian.org/security/2016/dsa-3641
secalert_us@oracle.com	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html	Patch, Vendor Advisory
secalert_us@oracle.com	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	Vendor Advisory
secalert_us@oracle.com	http://www.securityfocus.com/bid/91787	Third Party Advisory, VDB Entry
secalert_us@oracle.com	http://www.securityfocus.com/bid/91912	Third Party Advisory, VDB Entry
secalert_us@oracle.com	http://www.securitytracker.com/id/1036365
secalert_us@oracle.com	http://www.ubuntu.com/usn/USN-3043-1
secalert_us@oracle.com	http://www.ubuntu.com/usn/USN-3062-1
secalert_us@oracle.com	http://www.ubuntu.com/usn/USN-3077-1
secalert_us@oracle.com	https://access.redhat.com/errata/RHSA-2016:1458
secalert_us@oracle.com	https://access.redhat.com/errata/RHSA-2016:1475
secalert_us@oracle.com	https://access.redhat.com/errata/RHSA-2016:1476
secalert_us@oracle.com	https://security.gentoo.org/glsa/201610-08
secalert_us@oracle.com	https://security.gentoo.org/glsa/201701-43
secalert_us@oracle.com	https://security.netapp.com/advisory/ntap-20160721-0001/
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-1504.html
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2016-1776.html
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2016/dsa-3641
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/91787	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/91912	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1036365
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-3043-1
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-3062-1
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-3077-1
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2016:1458
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2016:1475
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2016:1476
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201610-08
af854a3a-2127-422b-91ae-364da2661108	https://security.gentoo.org/glsa/201701-43
af854a3a-2127-422b-91ae-364da2661108	https://security.netapp.com/advisory/ntap-20160721-0001/

Impacted products

Vendor	Product	Version
oracle	linux	5.0
oracle	linux	6.0
oracle	linux	7.0
oracle	jdk	1.7.0
oracle	jdk	1.8.0
oracle	jdk	1.8.0
oracle	jre	1.7.0
oracle	jre	1.8.0
oracle	jre	1.8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:linux:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CD09BE6-841F-48EE-B066-38218963A2D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:linux:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "634CE616-76A3-4202-A4F6-6BB5042A859E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "794E2C8A-AE82-45D5-A232-54A987ACE7AA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.7.0:update101:*:*:*:*:*:*",
              "matchCriteriaId": "8AEA7244-D1DC-4144-BA69-0488EDD8ABAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update91:*:*:*:*:*:*",
              "matchCriteriaId": "429DC535-FA00-4309-AD75-E79F238A4B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*",
              "matchCriteriaId": "95C17CAA-0971-44CB-8A04-F135ACBEFBF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.7.0:update101:*:*:*:*:*:*",
              "matchCriteriaId": "8AE0C67B-6B6E-4B16-A0EB-4DFBAE83134F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update91:*:*:*:*:*:*",
              "matchCriteriaId": "35E4B9B9-917E-4EB1-B8ED-B69D5589A0BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:jre:1.8.0:update92:*:*:*:*:*:*",
              "matchCriteriaId": "CFC93807-F81D-4F4C-AD4F-3F0A45C36F34",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en Oracle Java SE 7u101 y 8u92 y Java SE Embedded 8u91 permite a atacantes remotos afectar la confidencialidad, la integridad y disponibilidad a trav\u00e9s de vectores relacionados con Hotspot."
    }
  ],
  "id": "CVE-2016-3606",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.6,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 6.0,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-07-21T10:14:39.643",
  "references": [
    {
      "source": "secalert_us@oracle.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.debian.org/security/2016/dsa-3641"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91787"
    },
    {
      "source": "secalert_us@oracle.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91912"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.securitytracker.com/id/1036365"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.ubuntu.com/usn/USN-3043-1"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.ubuntu.com/usn/USN-3062-1"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "http://www.ubuntu.com/usn/USN-3077-1"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "https://access.redhat.com/errata/RHSA-2016:1458"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "https://access.redhat.com/errata/RHSA-2016:1475"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "https://access.redhat.com/errata/RHSA-2016:1476"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "https://security.gentoo.org/glsa/201610-08"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "https://security.gentoo.org/glsa/201701-43"
    },
    {
      "source": "secalert_us@oracle.com",
      "url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1504.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1776.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2016/dsa-3641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/91912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1036365"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-3043-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-3062-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-3077-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2016:1458"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2016:1475"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2016:1476"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201610-08"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/201701-43"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20160721-0001/"
    }
  ],
  "sourceIdentifier": "secalert_us@oracle.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-3606 (GCVE-0-2016-3606)

CERTFR-2016-AVI-243

Solution

CNVD-2016-05363

GHSA-C3FP-G88J-7H59

GSD-2016-3606

CVE-2016-3606

FKIE_CVE-2016-3606

Tags

Sightings

Nomenclature