CVE-2016-5582

critical
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5573.

References

http://rhn.redhat.com/errata/RHSA-2016-2079.html

http://rhn.redhat.com/errata/RHSA-2016-2088.html

http://rhn.redhat.com/errata/RHSA-2016-2089.html

http://rhn.redhat.com/errata/RHSA-2016-2090.html

http://rhn.redhat.com/errata/RHSA-2016-2658.html

http://rhn.redhat.com/errata/RHSA-2017-0061.html

http://www.debian.org/security/2016/dsa-3707

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.securityfocus.com/bid/93623

http://www.securitytracker.com/id/1037040

http://www.ubuntu.com/usn/USN-3130-1

http://www.ubuntu.com/usn/USN-3154-1

https://lists.apache.org/thread.html/[email protected]%3Cissues.bookkeeper.apache.org%3E

https://security.gentoo.org/glsa/201611-04

https://security.gentoo.org/glsa/201701-43

https://security.netapp.com/advisory/ntap-20161019-0001/

Details

Source: MITRE

Published: 2016-10-25

Updated: 2020-09-08

Type: CWE-284

Risk Information

CVSS v2

Base Score: 9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 8.6

Severity: HIGH

CVSS v3

Base Score: 9.6

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Impact Score: 6

Exploitability Score: 2.8

Severity: CRITICAL

Tenable Plugins

View all (41 total)

IDNameProductFamilySeverity
127348NewStart CGSL MAIN 4.05 : java-1.8.0-openjdk Multiple Vulnerabilities (NS-SA-2019-0111)NessusNewStart CGSL Local Security Checks
critical
121661Photon OS 1.0: Openjre PHSA-2016-0015NessusPhotonOS Local Security Checks
critical
121660Photon OS 1.0: Openjdk PHSA-2016-0015NessusPhotonOS Local Security Checks
critical
111849Photon OS 1.0: Openjdk / Openjre / Postgresql PHSA-2016-0015 (deprecated)NessusPhotonOS Local Security Checks
critical
101406Virtuozzo 7 : java-1.6.0-openjdk / java-1.6.0-openjdk-demo / etc (VZLSA-2017-0061)NessusVirtuozzo Local Security Checks
critical
99840EulerOS 2.0 SP1 : java-1.7.0-openjdk (EulerOS-SA-2016-1080)NessusHuawei Local Security Checks
critical
97025Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2017-795)NessusAmazon Linux Local Security Checks
critical
96640GLSA-201701-43 : IcedTea: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
96526Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x, SL7.x i386/x86_64 (20170113)NessusScientific Linux Local Security Checks
critical
96480RHEL 5 / 6 / 7 : java-1.6.0-openjdk (RHSA-2017:0061)NessusRed Hat Local Security Checks
critical
96476Oracle Linux 5 / 6 / 7 : java-1.6.0-openjdk (ELSA-2017-0061)NessusOracle Linux Local Security Checks
critical
96457CentOS 5 / 6 / 7 : java-1.6.0-openjdk (CESA-2017:0061)NessusCentOS Local Security Checks
critical
95750openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1444)NessusSuSE Local Security Checks
critical
95629Ubuntu 12.04 LTS : openjdk-6 vulnerabilities (USN-3154-1)NessusUbuntu Local Security Checks
critical
95549openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1389)NessusSuSE Local Security Checks
critical
95532openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-1380)NessusSuSE Local Security Checks
critical
95423SUSE SLED12 / SLES12 Security Update : java-1_7_0-openjdk (SUSE-SU-2016:2953-1)NessusSuSE Local Security Checks
critical
95311openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-1357)NessusSuSE Local Security Checks
critical
95294SUSE SLED12 / SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2016:2887-1)NessusSuSE Local Security Checks
critical
95023openSUSE Security Update : java-1_8_0-openjdk (openSUSE-2016-1335)NessusSuSE Local Security Checks
critical
94977Amazon Linux AMI : java-1.7.0-openjdk (ALAS-2016-771)NessusAmazon Linux Local Security Checks
critical
94954Ubuntu 14.04 LTS : openjdk-7 vulnerabilities (USN-3130-1)NessusUbuntu Local Security Checks
critical
94740CentOS 5 / 6 / 7 : java-1.7.0-openjdk (CESA-2016:2658)NessusCentOS Local Security Checks
critical
94627Scientific Linux Security Update : java-1.7.0-openjdk on SL5.x, SL6.x i386/x86_64 (20161107)NessusScientific Linux Local Security Checks
critical
94623RHEL 5 / 6 / 7 : java-1.7.0-openjdk (RHSA-2016:2658)NessusRed Hat Local Security Checks
critical
94621Oracle Linux 5 / 6 / 7 : java-1.7.0-openjdk (ELSA-2016-2658)NessusOracle Linux Local Security Checks
critical
94613Debian DSA-3707-1 : openjdk-7 - security updateNessusDebian Local Security Checks
critical
94595GLSA-201611-04 : Oracle JRE/JDK: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
94587Debian DLA-704-1 : openjdk-7 security updateNessusDebian Local Security Checks
critical
9712Oracle Java SE 6 < Update 131 / 7 < Update 121 / 8 < Update 112 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
high
94510Ubuntu 16.04 LTS / 16.10 : openjdk-8 vulnerabilities (USN-3121-1)NessusUbuntu Local Security Checks
critical
94341Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2016-759)NessusAmazon Linux Local Security Checks
critical
94190RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2016:2090)NessusRed Hat Local Security Checks
critical
94189RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:2089)NessusRed Hat Local Security Checks
critical
94188RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:2088)NessusRed Hat Local Security Checks
critical
94151Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x, SL7.x i386/x86_64 (20161019)NessusScientific Linux Local Security Checks
critical
94150RHEL 6 / 7 : java-1.8.0-openjdk (RHSA-2016:2079)NessusRed Hat Local Security Checks
critical
94149Oracle Linux 6 / 7 : java-1.8.0-openjdk (ELSA-2016-2079)NessusOracle Linux Local Security Checks
critical
94140CentOS 6 / 7 : java-1.8.0-openjdk (CESA-2016:2079)NessusCentOS Local Security Checks
critical
94139Oracle Java SE Multiple Vulnerabilities (October 2016 CPU) (Unix)NessusMisc.
critical
94138Oracle Java SE Multiple Vulnerabilities (October 2016 CPU)NessusWindows
critical