- Home
- CVEs with nessus.description==The version of Oracle (formerly Sun) Java SE or Java for Business
installed on the remote host is prior to 8 Update 101, 7 Update 111,
or 6 Update 121. It is, therefore, affected by multiple
vulnerabilities :
- An unspecified flaw exists in the CORBA subcomponent
that allows an unauthenticated, remote attacker to
impact integrity. (CVE-2016-3458)
- An unspecified flaw exists in the Networking
subcomponent that allows a local attacker to impact
integrity. (CVE-2016-3485)
- An unspecified flaw exists in the JavaFX subcomponent
that allows an unauthenticated, remote attacker to cause
a denial of service condition. (CVE-2016-3498)
- An unspecified flaw exists in the JAXP subcomponent that
allows an unauthenticated, remote attacker to cause a
denial of service condition. (CVE-2016-3500)
- An unspecified flaw exists in the Install subcomponent
that allows a local attacker to gain elevated
privileges. (CVE-2016-3503)
- An unspecified flaw exists in the JAXP subcomponent that
allows an unauthenticated, remote attacker to cause a
denial of service condition. (CVE-2016-3508)
- An unspecified flaw exists in the Deployment
subcomponent that allows a local attacker to gain
elevated privileges. (CVE-2016-3511)
- An unspecified flaw exists in the Hotspot subcomponent
that allows an unauthenticated, remote attacker to
disclose potentially sensitive information.
(CVE-2016-3550)
- An unspecified flaw exists in the Install subcomponent
that allows a local attacker to gain elevated
privileges. (CVE-2016-3552)
- A flaw exists in the Hotspot subcomponent due to
improper access to the MethodHandle::invokeBasic()
function. An unauthenticated, remote attacker can
exploit this to execute arbitrary code. (CVE-2016-3587)
- A flaw exists in the Libraries subcomponent within the
MethodHandles::dropArguments() function that allows an
unauthenticated, remote attacker to execute arbitrary
code. (CVE-2016-3598)
- A flaw exists in the Hotspot subcomponent within the
ClassVerifier::ends_in_athrow() function when handling
bytecode verification. An unauthenticated, remote
attacker can exploit this to execute arbitrary code.
(CVE-2016-3606)
- An unspecified flaw exists in the Libraries subcomponent
that allows an unauthenticated, remote attacker to
execute arbitrary code. (CVE-2016-3610)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top