CVE-2016-0466

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.

References

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html

http://rhn.redhat.com/errata/RHSA-2016-0049.html

http://rhn.redhat.com/errata/RHSA-2016-0050.html

http://rhn.redhat.com/errata/RHSA-2016-0053.html

http://rhn.redhat.com/errata/RHSA-2016-0054.html

http://rhn.redhat.com/errata/RHSA-2016-0055.html

http://rhn.redhat.com/errata/RHSA-2016-0056.html

http://rhn.redhat.com/errata/RHSA-2016-0057.html

http://rhn.redhat.com/errata/RHSA-2016-0067.html

http://www.debian.org/security/2016/dsa-3458

http://www.debian.org/security/2016/dsa-3465

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.securityfocus.com/bid/81118

http://www.securitytracker.com/id/1034715

http://www.ubuntu.com/usn/USN-2884-1

http://www.ubuntu.com/usn/USN-2885-1

https://access.redhat.com/errata/RHSA-2016:1430

https://kc.mcafee.com/corporate/index?page=content&id=SB10148

https://security.gentoo.org/glsa/201603-14

https://security.gentoo.org/glsa/201610-08

Details

Source: MITRE

Published: 2016-01-21

Updated: 2020-09-08

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

View all (59 total)

IDNameProductFamilySeverity
700654Oracle Java SE 6 < Update 111 / 7 < Update 95 / 8 < Update 71 Multiple Vulnerabilities (January 2016 CPU) (SLOTH)Nessus Network MonitorWeb Clients
critical
119974SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0428-1) (SLOTH)NessusSuSE Local Security Checks
critical
94085GLSA-201610-08 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
93916F5 Networks BIG-IP : Java vulnerabilities (K50118123)NessusF5 Networks Local Security Checks
critical
92400RHEL 5 / 6 : java-1.7.0-ibm and java-1.7.1-ibm (RHSA-2016:1430) (SLOTH)NessusRed Hat Local Security Checks
critical
89989SUSE SLES10 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0776-1) (SLOTH)NessusSuSE Local Security Checks
critical
89961SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0770-1) (SLOTH)NessusSuSE Local Security Checks
critical
89907GLSA-201603-14 : IcedTea: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
89657SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:0636-1) (SLOTH)NessusSuSE Local Security Checks
critical
89119Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2016-654)NessusAmazon Linux Local Security Checks
critical
89053AIX Java Advisory : java_jan2016_advisory.asc (January 2016 CPU) (SLOTH)NessusAIX Local Security Checks
critical
88710SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:0433-1) (SLOTH)NessusSuSE Local Security Checks
critical
88709SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0431-1) (SLOTH)NessusSuSE Local Security Checks
critical
88692SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2016:0390-1) (SLOTH)NessusSuSE Local Security Checks
critical
88659Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-647) (SLOTH)NessusAmazon Linux Local Security Checks
medium
88655Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-643) (SLOTH)NessusAmazon Linux Local Security Checks
medium
88580Debian DLA-410-1 : openjdk-6 security update (SLOTH)NessusDebian Local Security Checks
high
88568Debian DSA-3465-1 : openjdk-6 - security update (SLOTH)NessusDebian Local Security Checks
medium
88557RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2016:0101) (SLOTH)NessusRed Hat Local Security Checks
critical
88556RHEL 5 : java-1.7.0-ibm (RHSA-2016:0100) (SLOTH)NessusRed Hat Local Security Checks
critical
88555RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2016:0099) (SLOTH)NessusRed Hat Local Security Checks
critical
88554RHEL 7 : java-1.8.0-ibm (RHSA-2016:0098) (SLOTH)NessusRed Hat Local Security Checks
critical
88541openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-115) (SLOTH)NessusSuSE Local Security Checks
high
88540openSUSE Security Update : Java7 (openSUSE-2016-110) (SLOTH)NessusSuSE Local Security Checks
high
88538openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-107) (SLOTH)NessusSuSE Local Security Checks
high
88537openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-106) (SLOTH)NessusSuSE Local Security Checks
high
88536openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-105) (SLOTH)NessusSuSE Local Security Checks
high
88517Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2885-1)NessusUbuntu Local Security Checks
critical
88516Ubuntu 14.04 LTS / 15.04 / 15.10 : openjdk-7 vulnerabilities (USN-2884-1) (SLOTH)NessusUbuntu Local Security Checks
medium
88486SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0269-1) (SLOTH)NessusSuSE Local Security Checks
high
88485SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0265-1) (SLOTH)NessusSuSE Local Security Checks
high
88453SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:0256-1) (SLOTH)NessusSuSE Local Security Checks
high
88427Debian DSA-3458-1 : openjdk-7 - security update (SLOTH)NessusDebian Local Security Checks
medium
88407Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20160126)NessusScientific Linux Local Security Checks
critical
88404RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2016:0067)NessusRed Hat Local Security Checks
critical
88403Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2016-0067)NessusOracle Linux Local Security Checks
critical
88386CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2016:0067)NessusCentOS Local Security Checks
critical
88080Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20160121) (SLOTH)NessusScientific Linux Local Security Checks
medium
88079Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x, SL7.x i386/x86_64 (20160121) (SLOTH)NessusScientific Linux Local Security Checks
medium
88078Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20160120) (SLOTH)NessusScientific Linux Local Security Checks
medium
88076RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2016:0057)NessusRed Hat Local Security Checks
high
88075RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:0056) (SLOTH)NessusRed Hat Local Security Checks
high
88074RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:0055) (SLOTH)NessusRed Hat Local Security Checks
high
88073RHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0054) (SLOTH)NessusRed Hat Local Security Checks
medium
88072RHEL 6 : java-1.7.0-openjdk (RHSA-2016:0053) (SLOTH)NessusRed Hat Local Security Checks
medium
88071Oracle Linux 5 / 7 : java-1.7.0-openjdk (ELSA-2016-0054) (SLOTH)NessusOracle Linux Local Security Checks
medium
88070Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2016-0053) (SLOTH)NessusOracle Linux Local Security Checks
medium
88069Oracle Linux 6 : java-1.8.0-openjdk (ELSA-2016-0050) (SLOTH)NessusOracle Linux Local Security Checks
medium
88063CentOS 5 / 7 : java-1.7.0-openjdk (CESA-2016:0054) (SLOTH)NessusCentOS Local Security Checks
medium
88062CentOS 6 : java-1.7.0-openjdk (CESA-2016:0053) (SLOTH)NessusCentOS Local Security Checks
medium
88061CentOS 6 : java-1.8.0-openjdk (CESA-2016:0050) (SLOTH)NessusCentOS Local Security Checks
medium
88060CentOS 7 : java-1.8.0-openjdk (CESA-2016:0049) (SLOTH)NessusCentOS Local Security Checks
medium
88046Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH) (Unix)NessusMisc.
critical
88045Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH)NessusWindows
critical
88041Oracle JRockit R28 < R28.3.9 Multiple Vulnerabilities (January 2016 CPU) (SLOTH)NessusWindows
critical
88037Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20160120) (SLOTH)NessusScientific Linux Local Security Checks
medium
88036RHEL 6 : java-1.8.0-openjdk (RHSA-2016:0050) (SLOTH)NessusRed Hat Local Security Checks
medium
88035RHEL 7 : java-1.8.0-openjdk (RHSA-2016:0049) (SLOTH)NessusRed Hat Local Security Checks
medium
88031Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2016-0049) (SLOTH)NessusOracle Linux Local Security Checks
medium