CVE-2016-3606

MEDIUM

Description

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

References

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html

http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html

http://rhn.redhat.com/errata/RHSA-2016-1504.html

http://rhn.redhat.com/errata/RHSA-2016-1776.html

http://www.debian.org/security/2016/dsa-3641

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

http://www.securityfocus.com/bid/91787

http://www.securityfocus.com/bid/91912

http://www.securitytracker.com/id/1036365

http://www.ubuntu.com/usn/USN-3043-1

http://www.ubuntu.com/usn/USN-3062-1

http://www.ubuntu.com/usn/USN-3077-1

https://access.redhat.com/errata/RHSA-2016:1458

https://access.redhat.com/errata/RHSA-2016:1475

https://access.redhat.com/errata/RHSA-2016:1476

https://security.gentoo.org/glsa/201610-08

https://security.gentoo.org/glsa/201701-43

https://security.netapp.com/advisory/ntap-20160721-0001/

Details

Source: MITRE

Published: 2016-07-21

Updated: 2017-11-10

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 2.8

Severity: CRITICAL