CVE-2016-3587

critical

Description

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

References

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

http://www.securityfocus.com/bid/91787

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html

http://www.ubuntu.com/usn/USN-3043-1

https://access.redhat.com/errata/RHSA-2016:1475

http://www.securityfocus.com/bid/91904

https://access.redhat.com/errata/RHSA-2016:1458

http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html

https://security.gentoo.org/glsa/201701-43

https://security.gentoo.org/glsa/201610-08

http://www.securitytracker.com/id/1036365

https://security.netapp.com/advisory/ntap-20160721-0001/

Details

Source: MITRE

Published: 2016-07-21

Updated: 2022-05-13

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 2.8

Severity: CRITICAL