CVE-2016-3606

MEDIUM

Description

Unspecified vulnerability in Oracle Java SE 7u101 and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.

References

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html

http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html

http://rhn.redhat.com/errata/RHSA-2016-1504.html

http://rhn.redhat.com/errata/RHSA-2016-1776.html

http://www.debian.org/security/2016/dsa-3641

http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

http://www.securityfocus.com/bid/91787

http://www.securityfocus.com/bid/91912

http://www.securitytracker.com/id/1036365

http://www.ubuntu.com/usn/USN-3043-1

http://www.ubuntu.com/usn/USN-3062-1

http://www.ubuntu.com/usn/USN-3077-1

https://access.redhat.com/errata/RHSA-2016:1458

https://access.redhat.com/errata/RHSA-2016:1475

https://access.redhat.com/errata/RHSA-2016:1476

https://security.gentoo.org/glsa/201610-08

https://security.gentoo.org/glsa/201701-43

https://security.netapp.com/advisory/ntap-20160721-0001/

Details

Source: MITRE

Published: 2016-07-21

Updated: 2020-09-08

Risk Information

CVSS v2.0

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3.0

Base Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 2.8

Severity: CRITICAL

Tenable Plugins

View all (36 total)

IDNameProductFamilySeverity
127348NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0111)NessusNewStart CGSL Local Security Checks
high
99795EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2016-1032)NessusHuawei Local Security Checks
high
96640GLSA-201701-43 : IcedTea: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
94085GLSA-201610-08 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
93540Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2016-748)NessusAmazon Linux Local Security Checks
medium
93460Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-3077-1)NessusUbuntu Local Security Checks
medium
93281SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:2012-1)NessusSuSE Local Security Checks
high
93272SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:1997-1)NessusSuSE Local Security Checks
high
93150Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20160826)NessusScientific Linux Local Security Checks
medium
93149RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2016:1776)NessusRed Hat Local Security Checks
medium
93147Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2016-1776)NessusOracle Linux Local Security Checks
medium
93129CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2016:1776)NessusCentOS Local Security Checks
medium
92999Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3062-1)NessusUbuntu Local Security Checks
high
92992openSUSE Security Update : OpenJDK7 (openSUSE-2016-982)NessusSuSE Local Security Checks
high
92979openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-978)NessusSuSE Local Security Checks
high
92978openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-977)NessusSuSE Local Security Checks
high
92954Debian DSA-3641-1 : openjdk-7 - security updateNessusDebian Local Security Checks
medium
92932openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-976)NessusSuSE Local Security Checks
high
9449Oracle Java SE 6 < Update 121 / 7 < Update 111 / 8 < Update 102 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
92774openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-944)NessusSuSE Local Security Checks
high
92763Debian DLA-579-1 : openjdk-7 security updateNessusDebian Local Security Checks
medium
92664Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-729)NessusAmazon Linux Local Security Checks
high
92605Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20160727)NessusScientific Linux Local Security Checks
high
92604RHEL 5 / 6 / 7 : java-1.7.0-openjdk (RHSA-2016:1504)NessusRed Hat Local Security Checks
high
92599Oracle Linux 5 / 6 / 7 : java-1.7.0-openjdk (ELSA-2016-1504)NessusOracle Linux Local Security Checks
high
92586CentOS 5 / 6 / 7 : java-1.7.0-openjdk (CESA-2016:1504)NessusCentOS Local Security Checks
high
92584Ubuntu 16.04 LTS : openjdk-8 vulnerabilities (USN-3043-1)NessusUbuntu Local Security Checks
high
92517Oracle Java SE Multiple Vulnerabilities (July 2016 CPU) (Unix)NessusMisc.
high
92516Oracle Java SE Multiple Vulnerabilities (July 2016 CPU)NessusWindows
high
92509RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:1476)NessusRed Hat Local Security Checks
medium
92508RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:1475)NessusRed Hat Local Security Checks
high
92491Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (20160720)NessusScientific Linux Local Security Checks
high
92490RHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2016:1458)NessusRed Hat Local Security Checks
high
92489Oracle Linux 6 / 7 : java-1.8.0-openjdk (ELSA-2016-1458)NessusOracle Linux Local Security Checks
high
92473CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2016:1458)NessusCentOS Local Security Checks
high
92470Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-723)NessusAmazon Linux Local Security Checks
high