CVE-2016-0475

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.

References

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html

http://rhn.redhat.com/errata/RHSA-2016-0049.html

http://rhn.redhat.com/errata/RHSA-2016-0050.html

http://rhn.redhat.com/errata/RHSA-2016-0055.html

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.securitytracker.com/id/1034715

https://kc.mcafee.com/corporate/index?page=content&id=SB10148

https://security.gentoo.org/glsa/201610-08

Details

Source: MITRE

Published: 2016-01-21

Updated: 2020-09-08

Risk Information

CVSS v2

Base Score: 5.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N

Impact Score: 4.9

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (19 total)

IDNameProductFamilySeverity
700654Oracle Java SE 6 < Update 111 / 7 < Update 95 / 8 < Update 71 Multiple Vulnerabilities (January 2016 CPU) (SLOTH)Nessus Network MonitorWeb Clients
critical
94085GLSA-201610-08 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
89053AIX Java Advisory : java_jan2016_advisory.asc (January 2016 CPU) (SLOTH)NessusAIX Local Security Checks
critical
88692SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2016:0390-1) (SLOTH)NessusSuSE Local Security Checks
critical
88659Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-647) (SLOTH)NessusAmazon Linux Local Security Checks
medium
88554RHEL 7 : java-1.8.0-ibm (RHSA-2016:0098) (SLOTH)NessusRed Hat Local Security Checks
critical
88453SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:0256-1) (SLOTH)NessusSuSE Local Security Checks
high
88078Scientific Linux Security Update : java-1.8.0-openjdk on SL7.x x86_64 (20160120) (SLOTH)NessusScientific Linux Local Security Checks
medium
88074RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:0055) (SLOTH)NessusRed Hat Local Security Checks
high
88069Oracle Linux 6 : java-1.8.0-openjdk (ELSA-2016-0050) (SLOTH)NessusOracle Linux Local Security Checks
medium
88061CentOS 6 : java-1.8.0-openjdk (CESA-2016:0050) (SLOTH)NessusCentOS Local Security Checks
medium
88060CentOS 7 : java-1.8.0-openjdk (CESA-2016:0049) (SLOTH)NessusCentOS Local Security Checks
medium
88046Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH) (Unix)NessusMisc.
critical
88045Oracle Java SE Multiple Vulnerabilities (January 2016 CPU) (SLOTH)NessusWindows
critical
88041Oracle JRockit R28 < R28.3.9 Multiple Vulnerabilities (January 2016 CPU) (SLOTH)NessusWindows
critical
88037Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20160120) (SLOTH)NessusScientific Linux Local Security Checks
medium
88036RHEL 6 : java-1.8.0-openjdk (RHSA-2016:0050) (SLOTH)NessusRed Hat Local Security Checks
medium
88035RHEL 7 : java-1.8.0-openjdk (RHSA-2016:0049) (SLOTH)NessusRed Hat Local Security Checks
medium
88031Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2016-0049) (SLOTH)NessusOracle Linux Local Security Checks
medium