ID CVE-2016-3449
Summary Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Deployment.
References
Vulnerable Configurations
  • Oracle JDK 1.6.0 Update 113
    cpe:2.3:a:oracle:jdk:1.6.0:update_113
  • Oracle JDK 1.7.0 Update 99
    cpe:2.3:a:oracle:jdk:1.7.0:update_99
  • Oracle JDK 1.8.0 Update 77
    cpe:2.3:a:oracle:jdk:1.8.0:update_77
  • Oracle JRE 1.6.0 Update 113
    cpe:2.3:a:oracle:jre:1.6.0:update_113
  • Oracle JRE 1.7.0 Update 99
    cpe:2.3:a:oracle:jre:1.7.0:update_99
  • Oracle JRE 1.8.0 Update 77
    cpe:2.3:a:oracle:jre:1.8.0:update_77
CVSS
Base: 7.6 (as of 18-08-2016 - 09:24)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-1430.NASL
    description An update for java-1.7.0-ibm and java-1.7.1-ibm is now available for Red Hat Satellite 5.7 and Red Hat Satellite 5.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to versions 7 SR9-FP40 and 7R1 SR3-FP40. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2015-4734, CVE-2015-4803, CVE-2015-4805, CVE-2015-4806, CVE-2015-4810, CVE-2015-4835, CVE-2015-4840, CVE-2015-4842, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4871, CVE-2015-4872, CVE-2015-4882, CVE-2015-4883, CVE-2015-4893, CVE-2015-4902, CVE-2015-4903, CVE-2015-5006, CVE-2015-5041, CVE-2015-7575, CVE-2015-7981, CVE-2015-8126, CVE-2015-8472, CVE-2015-8540, CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0402, CVE-2016-0448, CVE-2016-0466, CVE-2016-0483, CVE-2016-0494, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449) Red Hat would like to thank Andrea Palazzo of Truel IT for reporting the CVE-2015-4806 issue.
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 92400
    published 2016-07-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=92400
    title RHEL 5 / 6 : java-1.7.0-ibm and java-1.7.1-ibm (RHSA-2016:1430) (SLOTH)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1216.NASL
    description An update for java-1.7.1-ibm is now available for Red Hat Satellite 5.7 and Red Hat Satellite 5.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP1. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-2183, CVE-2017-3272, CVE-2017-3289, CVE-2017-3253, CVE-2017-3261, CVE-2017-3231, CVE-2016-5547, CVE-2016-5552, CVE-2017-3252, CVE-2016-5546, CVE-2016-5548, CVE-2016-5549, CVE-2017-3241, CVE-2017-3259, CVE-2016-5573, CVE-2016-5554, CVE-2016-5542, CVE-2016-5597, CVE-2016-5556, CVE-2016-3598, CVE-2016-3511, CVE-2016-0363, CVE-2016-0686, CVE-2016-0687, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449, CVE-2016-3422, CVE-2016-0376, CVE-2016-0264)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 100094
    published 2017-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100094
    title RHEL 6 : java-1.7.1-ibm (RHSA-2017:1216)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0678.NASL
    description An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 5, Oracle Java for Red Hat Enterprise Linux 6, and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 101. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 90671
    published 2016-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90671
    title RHEL 5 / 6 / 7 : java-1.7.0-oracle (RHSA-2016:0678)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0679.NASL
    description An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 5, Oracle Java for Red Hat Enterprise Linux 6, and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 6 to version 6 Update 115. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 90672
    published 2016-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90672
    title RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2016:0679)
  • NASL family Windows
    NASL id ORACLE_JAVA_CPU_APR_2016.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 91, 7 Update 101, or 6 Update 115. It is, therefore, affected by security vulnerabilities in the following subcomponents : - 2D - Deployment - Hotspot - JAXP - JCE - JMX - Security - Serialization
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 90625
    published 2016-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90625
    title Oracle Java SE Multiple Vulnerabilities (April 2016 CPU)
  • NASL family Misc.
    NASL id ORACLE_JAVA_CPU_APR_2016_UNIX.NASL
    description The version of Oracle (formerly Sun) Java SE or Java for Business installed on the remote host is prior to 8 Update 91, 7 Update 101, or 6 Update 115. It is, therefore, affected by security vulnerabilities in the following subcomponents : - 2D - Deployment - Hotspot - JAXP - JCE - JMX - Security - Serialization
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 90626
    published 2016-04-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90626
    title Oracle Java SE Multiple Vulnerabilities (April 2016 CPU) (Unix)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-1378-1.NASL
    description This IBM Java 1.7.0 SR9 FP40 release fixes the following issues : Security issues fixed : - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648) - CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650) - CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646) - The following CVEs got also fixed during this update. (bsc#979252) CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 91308
    published 2016-05-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91308
    title SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2016:1378-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-1388-1.NASL
    description This IBM Java 1.6.0 SR16 FP25 release fixes the following issues : Security issues fixed : CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648) CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650) CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646) The following CVEs got also fixed during this update. (bsc#979252) CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 91319
    published 2016-05-25
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91319
    title SUSE SLES10 Security Update : IBM Java 1.6.0 (SUSE-SU-2016:1388-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-1039.NASL
    description An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR3. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 91079
    published 2016-05-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91079
    title RHEL 6 : java-1.8.0-ibm (RHSA-2016:1039)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0701.NASL
    description An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary and Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR3-FP40. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 90818
    published 2016-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90818
    title RHEL 6 / 7 : java-1.7.1-ibm (RHSA-2016:0701)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-1379-1.NASL
    description This IBM Java 1.6.0 SR16 FP25 release fixes the following issues : Security issues fixed : - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648) - CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650) - CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646) - The following CVEs got also fixed during this update. (bsc#979252) CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 91309
    published 2016-05-24
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91309
    title SUSE SLES11 Security Update : java-1_6_0-ibm (SUSE-SU-2016:1379-1)
  • NASL family AIX Local Security Checks
    NASL id AIX_JAVA_APRIL2016_ADVISORY.NASL
    description The version of Java SDK installed on the remote AIX host is affected by multiple vulnerabilities in the following components : - 2D - Deployment - Hotspot - JCE - JMX - JVM - ORB - SDK - Serialization
    last seen 2019-02-21
    modified 2018-07-17
    plugin id 91103
    published 2016-05-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91103
    title AIX Java Advisory : java_april2016_advisory.asc (April 2016 CPU)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-1303-1.NASL
    description This IBM Java 1.6.0 SR16 FP25 release fixes the following issues : Security issues fixed : - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648) - CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650) - CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646) - The following CVEs got also fixed during this update. (bsc#979252) CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 119977
    published 2019-01-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119977
    title SUSE SLES12 Security Update : java-1_6_0-ibm (SUSE-SU-2016:1303-1)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0677.NASL
    description An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 8 to version 8 Update 91. Security Fix(es) : * This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-0686, CVE-2016-0687, CVE-2016-0695, CVE-2016-3422, CVE-2016-3425, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 90670
    published 2016-04-22
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90670
    title RHEL 6 / 7 : java-1.8.0-oracle (RHSA-2016:0677)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0708.NASL
    description An update for java-1.6.0-ibm is now available for Red Hat Enterprise Linux 5 Supplementary and Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 6 to version 6 SR16-FP25. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen 2019-02-21
    modified 2018-12-27
    plugin id 90853
    published 2016-05-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90853
    title RHEL 5 / 6 : java-1.6.0-ibm (RHSA-2016:0708)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0702.NASL
    description An update for java-1.7.0-ibm is now available for Red Hat Enterprise Linux 5 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7 SR9-FP40. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 90819
    published 2016-05-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90819
    title RHEL 5 : java-1.7.0-ibm (RHSA-2016:0702)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2016-0716.NASL
    description An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR3. Security Fix(es) : * This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further information about these flaws can be found on the IBM Java Security alerts page, listed in the References section. (CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 90882
    published 2016-05-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=90882
    title RHEL 7 : java-1.8.0-ibm (RHSA-2016:0716)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-1299-1.NASL
    description This IBM Java 1.7.1 SR3 FP40 release fixes the following issues : Security issues fixed : - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648) - CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650) - CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646) - The following CVEs got also fixed during this update. (bsc#979252) CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 91160
    published 2016-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91160
    title SUSE SLES12 Security Update : java-1_7_1-ibm (SUSE-SU-2016:1299-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2016-1300-1.NASL
    description This IBM Java 1.7.1 SR3 FP40 relese fixes the following issues : Security issues fixed : - CVE-2016-0264: buffer overflow vulnerability in the IBM JVM (bsc#977648) - CVE-2016-0363: insecure use of invoke method in CORBA component, incorrect CVE-2013-3009 fix (bsc#977650) - CVE-2016-0376: insecure deserialization in CORBA, incorrect CVE-2013-5456 fix (bsc#977646) - The following CVEs got also fixed during this update. (bsc#979252) CVE-2016-3443, CVE-2016-0687, CVE-2016-0686, CVE-2016-3427, CVE-2016-3449, CVE-2016-3422, CVE-2016-3426 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-29
    plugin id 91161
    published 2016-05-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91161
    title SUSE SLES11 Security Update : java-1_7_1-ibm (SUSE-SU-2016:1300-1)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-201606-18.NASL
    description The remote host is affected by the vulnerability described in GLSA-201606-18 (IcedTea: Multiple vulnerabilities) Various OpenJDK attack vectors in IcedTea, such as 2D, Corba, Hotspot, Libraries, and JAXP, exist which allows remote attackers to affect the confidentiality, integrity, and availability of vulnerable systems. Many of the vulnerabilities can only be exploited through sandboxed Java Web Start applications and java applets. Please review the CVE identifiers referenced below for details. Impact : Remote attackers may execute arbitrary code, compromise information, or cause Denial of Service. Workaround : There is no known work around at this time.
    last seen 2019-02-21
    modified 2017-02-01
    plugin id 91863
    published 2016-06-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=91863
    title GLSA-201606-18 : IcedTea: Multiple vulnerabilities
redhat via4
advisories
  • rhsa
    id RHSA-2016:0677
  • rhsa
    id RHSA-2016:0678
  • rhsa
    id RHSA-2016:0679
  • rhsa
    id RHSA-2016:0701
  • rhsa
    id RHSA-2016:0702
  • rhsa
    id RHSA-2016:0708
  • rhsa
    id RHSA-2016:0716
  • rhsa
    id RHSA-2016:1039
  • rhsa
    id RHSA-2016:1430
  • rhsa
    id RHSA-2017:1216
refmap via4
bid 86485
confirm
gentoo GLSA-201606-18
sectrack 1035596
suse
  • SUSE-SU-2016:1299
  • SUSE-SU-2016:1300
  • SUSE-SU-2016:1303
  • SUSE-SU-2016:1378
  • SUSE-SU-2016:1379
  • SUSE-SU-2016:1388
  • SUSE-SU-2016:1458
  • SUSE-SU-2016:1475
Last major update 02-12-2016 - 22:27
Published 21-04-2016 - 07:00
Last modified 04-01-2018 - 21:30
Back to Top