CVE-2016-5556

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.

References

http://rhn.redhat.com/errata/RHSA-2016-2088.html

http://rhn.redhat.com/errata/RHSA-2016-2089.html

http://rhn.redhat.com/errata/RHSA-2016-2090.html

http://rhn.redhat.com/errata/RHSA-2016-2136.html

http://rhn.redhat.com/errata/RHSA-2016-2137.html

http://rhn.redhat.com/errata/RHSA-2016-2138.html

http://rhn.redhat.com/errata/RHSA-2016-2659.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.securityfocus.com/bid/93618

http://www.securitytracker.com/id/1037040

https://access.redhat.com/errata/RHSA-2017:1216

https://lists.apache.org/thread.html/[email protected]%3Cissues.bookkeeper.apache.org%3E

https://security.gentoo.org/glsa/201611-04

https://security.netapp.com/advisory/ntap-20161019-0001/

Details

Source: MITRE

Published: 2016-10-25

Updated: 2020-09-08

Type: CWE-284

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 2.8

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:jdk:1.6.0:update_121:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.7.0:update111:*:*:*:*:*:*

cpe:2.3:a:oracle:jdk:1.8.0:update102:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.6.0:update_121:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.7.0:update_111:*:*:*:*:*:*

cpe:2.3:a:oracle:jre:1.8.0:update_102:*:*:*:*:*:*

Tenable Plugins

View all (29 total)

IDNameProductFamilySeverity
121661Photon OS 1.0: Openjre PHSA-2016-0015NessusPhotonOS Local Security Checks
critical
121660Photon OS 1.0: Openjdk PHSA-2016-0015NessusPhotonOS Local Security Checks
critical
119988SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2016:3010-1)NessusSuSE Local Security Checks
critical
111849Photon OS 1.0: Openjdk / Openjre / Postgresql PHSA-2016-0015 (deprecated)NessusPhotonOS Local Security Checks
critical
100094RHEL 6 : java-1.7.1-ibm (RHSA-2017:1216)NessusRed Hat Local Security Checks
critical
97051AIX Java Advisory : java_oct2016_advisory.asc (October 2016 CPU)NessusAIX Local Security Checks
critical
95750openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1444)NessusSuSE Local Security Checks
critical
95711SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2016:3078-1)NessusSuSE Local Security Checks
critical
95710SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:3068-1)NessusSuSE Local Security Checks
critical
95623SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2016:3043-1)NessusSuSE Local Security Checks
critical
95608SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2016:3041-1)NessusSuSE Local Security Checks
critical
95607SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:3040-1)NessusSuSE Local Security Checks
critical
95549openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1389)NessusSuSE Local Security Checks
critical
95532openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-1380)NessusSuSE Local Security Checks
critical
95423SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:2953-1)NessusSuSE Local Security Checks
critical
95311openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1357)NessusSuSE Local Security Checks
critical
95294SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:2887-1)NessusSuSE Local Security Checks
critical
95023openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-1335)NessusSuSE Local Security Checks
critical
94624RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2016:2659)NessusRed Hat Local Security Checks
critical
94595GLSA-201611-04 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
9712Oracle Java SE 6 < Update 131 / 7 < Update 121 / 8 < Update 112 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
94501RHEL 5 : java-1.7.0-ibm (RHSA-2016:2138)NessusRed Hat Local Security Checks
critical
94500RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2016:2137)NessusRed Hat Local Security Checks
critical
94499RHEL 6 / 7 : java-1.8.0-ibm (RHSA-2016:2136)NessusRed Hat Local Security Checks
critical
94190RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2016:2090)NessusRed Hat Local Security Checks
critical
94189RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:2089)NessusRed Hat Local Security Checks
critical
94188RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:2088)NessusRed Hat Local Security Checks
critical
94139Oracle Java SE Multiple Vulnerabilities (October 2016 CPU) (Unix)NessusMisc.
critical
94138Oracle Java SE Multiple Vulnerabilities (October 2016 CPU)NessusWindows
critical