CVE-2016-0466

MEDIUM

Description

Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.

References

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html

http://rhn.redhat.com/errata/RHSA-2016-0049.html

http://rhn.redhat.com/errata/RHSA-2016-0050.html

http://rhn.redhat.com/errata/RHSA-2016-0053.html

http://rhn.redhat.com/errata/RHSA-2016-0054.html

http://rhn.redhat.com/errata/RHSA-2016-0055.html

http://rhn.redhat.com/errata/RHSA-2016-0056.html

http://rhn.redhat.com/errata/RHSA-2016-0057.html

http://rhn.redhat.com/errata/RHSA-2016-0067.html

http://www.debian.org/security/2016/dsa-3458

http://www.debian.org/security/2016/dsa-3465

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.securityfocus.com/bid/81118

http://www.securitytracker.com/id/1034715

http://www.ubuntu.com/usn/USN-2884-1

http://www.ubuntu.com/usn/USN-2885-1

https://access.redhat.com/errata/RHSA-2016:1430

https://kc.mcafee.com/corporate/index?page=content&id=SB10148

https://security.gentoo.org/glsa/201603-14

https://security.gentoo.org/glsa/201610-08

Details

Source: MITRE

Published: 2016-01-21

Updated: 2020-09-08

Risk Information

CVSS v2.0

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

Tenable Plugins

View all (59 total)

IDNameProductFamilySeverity
700654Oracle Java SE 6 < Update 111 / 7 < Update 95 / 8 < Update 71 Multiple Vulnerabilities (January 2016 CPU) (SLOTH)Nessus Network MonitorWeb Clients
critical
119974SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0428-1) (SLOTH)NessusSuSE Local Security Checks
critical
94085GLSA-201610-08 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
93916F5 Networks BIG-IP : Java vulnerabilities (K50118123)NessusF5 Networks Local Security Checks
critical
92400RHEL 5 / 6 : java-1.7.0-ibm and java-1.7.1-ibm (RHSA-2016:1430) (SLOTH)NessusRed Hat Local Security Checks
critical
89989SUSE SLES10 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0776-1) (SLOTH)NessusSuSE Local Security Checks
critical
89961SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0770-1) (SLOTH)NessusSuSE Local Security Checks
critical
89907GLSA-201603-14 : IcedTea: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
89657SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:0636-1) (SLOTH)NessusSuSE Local Security Checks
critical
89119Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2016-654)NessusAmazon Linux Local Security Checks
critical
89053AIX Java Advisory : java_jan2016_advisory.asc (January 2016 CPU) (SLOTH)NessusAIX Local Security Checks
critical
88710SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:0433-1) (SLOTH)NessusSuSE Local Security Checks
critical
88709SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:0431-1) (SLOTH)NessusSuSE Local Security Checks
critical
88692SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2016:0390-1) (SLOTH)NessusSuSE Local Security Checks
critical
88659Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-647) (SLOTH)NessusAmazon Linux Local Security Checks
critical
88655Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-643) (SLOTH)NessusAmazon Linux Local Security Checks
critical
88580Debian DLA-410-1 : openjdk-6 security update (SLOTH)NessusDebian Local Security Checks
critical
88568Debian DSA-3465-1 : openjdk-6 - security update (SLOTH)NessusDebian Local Security Checks
critical
88557RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2016:0101) (SLOTH)NessusRed Hat Local Security Checks
critical
88556RHEL 5 : java-1.7.0-ibm (RHSA-2016:0100) (SLOTH)NessusRed Hat Local Security Checks
critical
88555RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2016:0099) (SLOTH)NessusRed Hat Local Security Checks
critical
88554RHEL 7 : java-1.8.0-ibm (RHSA-2016:0098) (SLOTH)NessusRed Hat Local Security Checks
critical
88541openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-115) (SLOTH)NessusSuSE Local Security Checks
critical
88540openSUSE Security Update : Java7 (openSUSE-2016-110) (SLOTH)NessusSuSE Local Security Checks
critical
88538openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-107) (SLOTH)NessusSuSE Local Security Checks
critical
88537openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-106) (SLOTH)NessusSuSE Local Security Checks
critical
88536openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-105) (SLOTH)NessusSuSE Local Security Checks
critical
88517Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-2885-1)NessusUbuntu Local Security Checks
critical
88516Ubuntu 14.04 LTS / 15.04 / 15.10 : openjdk-7 vulnerabilities (USN-2884-1) (SLOTH)NessusUbuntu Local Security Checks
critical
88486SUSE SLED11 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0269-1) (SLOTH)NessusSuSE Local Security Checks
critical
88485SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:0265-1) (SLOTH)NessusSuSE Local Security Checks
critical
88453SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:0256-1) (SLOTH)NessusSuSE Local Security Checks
critical
88427Debian DSA-3458-1 : openjdk-7 - security update (SLOTH)NessusDebian Local Security Checks
critical
88407Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20160126)NessusScientific Linux Local Security Checks
critical
88404RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2016:0067)NessusRed Hat Local Security Checks
critical
88403Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2016-0067)NessusOracle Linux Local Security Checks
critical
88386CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2016:0067)NessusCentOS Local Security Checks
critical
88080Scientific Linux Security Update : java-1.7.0-openjdk on SL6.x i386/x86_64 (20160121) (SLOTH)NessusScientific Linux Local Security Checks
critical
88079Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x, SL7.x i386/x86_64 (20160121) (SLOTH)NessusScientific Linux Local Security Checks
critical
88078Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20160120) (SLOTH)NessusScientific Linux Local Security Checks
critical
88076RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2016:0057)NessusRed Hat Local Security Checks
critical
88075RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:0056) (SLOTH)NessusRed Hat Local Security Checks
critical
88074RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:0055) (SLOTH)NessusRed Hat Local Security Checks
critical
88073RHEL 5 / 7 : java-1.7.0-openjdk (RHSA-2016:0054) (SLOTH)NessusRed Hat Local Security Checks
critical
88072RHEL 6 : java-1.7.0-openjdk (RHSA-2016:0053) (SLOTH)NessusRed Hat Local Security Checks
critical
88071Oracle Linux 5 / 7 : java-1.7.0-openjdk (ELSA-2016-0054) (SLOTH)NessusOracle Linux Local Security Checks
critical
88070Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2016-0053) (SLOTH)NessusOracle Linux Local Security Checks
critical
88069Oracle Linux 6 : java-1.8.0-openjdk (ELSA-2016-0050) (SLOTH)NessusOracle Linux Local Security Checks
critical
88063CentOS 5 / 7 : java-1.7.0-openjdk (CESA-2016:0054) (SLOTH)NessusCentOS Local Security Checks
critical
88062CentOS 6 : java-1.7.0-openjdk (CESA-2016:0053) (SLOTH)NessusCentOS Local Security Checks
critical
88061CentOS 6 : java-1.8.0-openjdk (CESA-2016:0050) (SLOTH)NessusCentOS Local Security Checks
critical
88060CentOS 7 : java-1.8.0-openjdk (CESA-2016:0049) (SLOTH)NessusCentOS Local Security Checks
critical
88046Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH) (Unix)NessusMisc.
critical
88045Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH)NessusWindows
critical
88041Oracle JRockit R28 < R28.3.9 Multiple Vulnerabilities (January 2016 CPU) (SLOTH)NessusWindows
critical
88037Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20160120) (SLOTH)NessusScientific Linux Local Security Checks
critical
88036RHEL 6 : java-1.8.0-openjdk (RHSA-2016:0050) (SLOTH)NessusRed Hat Local Security Checks
critical
88035RHEL 7 : java-1.8.0-openjdk (RHSA-2016:0049) (SLOTH)NessusRed Hat Local Security Checks
critical
88031Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2016-0049) (SLOTH)NessusOracle Linux Local Security Checks
critical