ID CVE-2016-8328
Summary Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*
    cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*
  • cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*
    cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 05-01-2018 - 02:31)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
redhat via4
advisories
rhsa
id RHSA-2017:0175
rpms
  • java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3
  • java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3
  • java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3
  • java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3
  • java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3
  • java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8
  • java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3
refmap via4
bid 95581
confirm
gentoo GLSA-201701-65
sectrack 1037637
Last major update 05-01-2018 - 02:31
Published 27-01-2017 - 22:59
Last modified 05-01-2018 - 02:31
Back to Top