Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2016-AVI-027
Vulnerability from certfr_avis
De multiples vulnérabilités ont été corrigées dans Oracle Java SE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
Title | Publication Time | Tags | |||
---|---|---|---|---|---|
|
{ "$ref": "https://www.cert.ssi.gouv.fr/openapi.json", "affected_systems": [ { "description": "JRockit versions R28.3.8 et ant\u00e9rieures", "product": { "name": "Java SE", "vendor": { "name": "Oracle", "scada": false } } }, { "description": "Java SE Embedded versions 8u65 et ant\u00e9rieures", "product": { "name": "Java SE", "vendor": { "name": "Oracle", "scada": false } } }, { "description": "Java SE versions 6u105, 7u91, 8u66 et ant\u00e9rieures", "product": { "name": "Java SE", "vendor": { "name": "Oracle", "scada": false } } } ], "affected_systems_content": null, "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n", "cves": [ { "name": "CVE-2016-0494", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0494" }, { "name": "CVE-2016-0448", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0448" }, { "name": "CVE-2016-0483", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0483" }, { "name": "CVE-2016-0475", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0475" }, { "name": "CVE-2016-0402", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0402" }, { "name": "CVE-2015-8126", "url": "https://www.cve.org/CVERecord?id=CVE-2015-8126" }, { "name": "CVE-2015-7575", "url": "https://www.cve.org/CVERecord?id=CVE-2015-7575" }, { "name": "CVE-2016-0466", "url": "https://www.cve.org/CVERecord?id=CVE-2016-0466" } ], "initial_release_date": "2016-01-20T00:00:00", "last_revision_date": "2016-01-20T00:00:00", "links": [], "reference": "CERTFR-2016-AVI-027", "revisions": [ { "description": "version initiale.", "revision_date": "2016-01-20T00:00:00.000000" } ], "risks": [ { "description": "D\u00e9ni de service \u00e0 distance" }, { "description": "Ex\u00e9cution de code arbitraire \u00e0 distance" }, { "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es" }, { "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es" } ], "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Java SE\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nun d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des\ndonn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n", "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java SE", "vendor_advisories": [ { "published_at": null, "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 19 janvier 2016", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" } ] }
CVE-2016-0402 (GCVE-0-2016-0402)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:15:24.209Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "81096", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/81096" }, { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "81096", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/81096" }, { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2016-0402", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "81096", "refsource": "BID", "url": "http://www.securityfocus.com/bid/81096" }, { "name": "1034715", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3465" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2016-0402", "datePublished": "2016-01-21T02:00:00", "dateReserved": "2015-12-09T00:00:00", "dateUpdated": "2024-08-05T22:15:24.209Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-0466 (GCVE-0-2016-0466)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:22:54.926Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "81118", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/81118" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "81118", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/81118" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2016-0466", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "81118", "refsource": "BID", "url": "http://www.securityfocus.com/bid/81118" }, { "name": "GLSA-201610-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3465" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148" }, { "name": "RHSA-2016:0053", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2016-0466", "datePublished": "2016-01-21T02:00:00", "dateReserved": "2015-12-09T00:00:00", "dateUpdated": "2024-08-05T22:22:54.926Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-0494 (GCVE-0-2016-0494)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:22:55.218Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2016-0494", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3465" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2016-0494", "datePublished": "2016-01-21T02:00:00", "dateReserved": "2015-12-09T00:00:00", "dateUpdated": "2024-08-05T22:22:55.218Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7575 (GCVE-0-2015-7575)
Vulnerability from cvelistv5
Published
2016-01-09 02:00
Modified
2024-08-06 07:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:51:28.586Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "DSA-3688", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3688" }, { "name": "DSA-3457", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3457" }, { "name": "DSA-3491", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3491" }, { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1036467", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036467" }, { "name": "GLSA-201701-46", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-46" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "openSUSE-SU-2016:0161", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "79684", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/79684" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1158489" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "openSUSE-SU-2016:0308", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" }, { "name": "DSA-3437", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3437" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "USN-2904-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2904-1" }, { "name": "openSUSE-SU-2015:2405", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20160225-0001/" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "DSA-3436", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3436" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "USN-2866-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2866-1" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" }, { "name": "91787", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91787" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-150.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "GLSA-201801-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201801-15" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "openSUSE-SU-2016:0488", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html" }, { "name": "GLSA-201706-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201706-18" }, { "name": "USN-2864-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2864-1" }, { "name": "openSUSE-SU-2016:0162", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html" }, { "name": "openSUSE-SU-2016:0605", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "openSUSE-SU-2016:0307", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" }, { "name": "USN-2865-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2865-1" }, { "name": "1034541", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034541" }, { "name": "openSUSE-SU-2016:0007", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html" }, { "name": "USN-2863-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2863-1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-12-22T00:00:00", "descriptions": [ { "lang": "en", "value": "Mozilla Network Security Services (NSS) before 3.20.2, as used in Mozilla Firefox before 43.0.2 and Firefox ESR 38.x before 38.5.2, does not reject MD5 signatures in Server Key Exchange messages in TLS 1.2 Handshake Protocol traffic, which makes it easier for man-in-the-middle attackers to spoof servers by triggering a collision." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-01-15T10:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "DSA-3688", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3688" }, { "name": "DSA-3457", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3457" }, { "name": "DSA-3491", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3491" }, { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1036467", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036467" }, { "name": "GLSA-201701-46", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-46" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "openSUSE-SU-2016:0161", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00058.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "79684", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/79684" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://developer.mozilla.org/docs/Mozilla/Projects/NSS/NSS_3.20.2_release_notes" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1158489" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "openSUSE-SU-2016:0308", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00008.html" }, { "name": "DSA-3437", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3437" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "USN-2904-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2904-1" }, { "name": "openSUSE-SU-2015:2405", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00139.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20160225-0001/" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "DSA-3436", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3436" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "USN-2866-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2866-1" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html" }, { "name": "91787", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91787" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.mozilla.org/security/announce/2015/mfsa2015-150.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "GLSA-201801-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201801-15" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "openSUSE-SU-2016:0488", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00101.html" }, { "name": "GLSA-201706-18", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201706-18" }, { "name": "USN-2864-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2864-1" }, { "name": "openSUSE-SU-2016:0162", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00059.html" }, { "name": "openSUSE-SU-2016:0605", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00166.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "openSUSE-SU-2016:0307", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-02/msg00007.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" }, { "name": "USN-2865-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2865-1" }, { "name": "1034541", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034541" }, { "name": "openSUSE-SU-2016:0007", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00005.html" }, { "name": "USN-2863-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2863-1" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-7575", "datePublished": "2016-01-09T02:00:00", "dateReserved": "2015-09-29T00:00:00", "dateUpdated": "2024-08-06T07:51:28.586Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-0483 (GCVE-0-2016-0483)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:22:54.250Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-032" }, { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-032" }, { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2016-0483", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.zerodayinitiative.com/advisories/ZDI-16-032", "refsource": "MISC", "url": "http://www.zerodayinitiative.com/advisories/ZDI-16-032" }, { "name": "openSUSE-SU-2016:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3465" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "RHSA-2016:0049", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2016-0483", "datePublished": "2016-01-21T02:00:00", "dateReserved": "2015-12-09T00:00:00", "dateUpdated": "2024-08-05T22:22:54.250Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-0448 (GCVE-0-2016-0448)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX.
References
URL | Tags | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:22:54.684Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "81123", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/81123" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3465" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "81123", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/81123" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2016-0448", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66, and Java SE Embedded 8u65 allows remote authenticated users to affect confidentiality via vectors related to JMX." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "openSUSE-SU-2016:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "1034715", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034715" }, { "name": "openSUSE-SU-2016:0279", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "GLSA-201610-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "USN-2884-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2884-1" }, { "name": "DSA-3465", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3465" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "USN-2885-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2885-1" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "81123", "refsource": "BID", "url": "http://www.securityfocus.com/bid/81123" }, { "name": "RHSA-2016:0049", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "openSUSE-SU-2016:0270", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "RHSA-2016:0053", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0053.html" }, { "name": "SUSE-SU-2016:0269", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "RHSA-2016:0067", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0067.html" }, { "name": "openSUSE-SU-2016:0263", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "GLSA-201603-14", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-14" }, { "name": "RHSA-2016:0057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0054", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0054.html" }, { "name": "RHSA-2016:0056", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "RHSA-2016:0050", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" }, { "name": "DSA-3458", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3458" }, { "name": "SUSE-SU-2016:0265", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2016-0448", "datePublished": "2016-01-21T02:00:00", "dateReserved": "2015-12-09T00:00:00", "dateUpdated": "2024-08-05T22:22:54.684Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-8126 (GCVE-0-2015-8126)
Vulnerability from cvelistv5
Published
2015-11-13 02:00
Modified
2024-08-06 08:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image.
References
URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:13:31.073Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "APPLE-SA-2016-03-21-5", "tags": [ "vendor-advisory", "x_refsource_APPLE", "x_transferred" ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "name": "openSUSE-SU-2016:0664", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html" }, { "name": "openSUSE-SU-2016:0103", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html" }, { "name": "openSUSE-SU-2016:0684", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.apple.com/HT206167" }, { "name": "openSUSE-SU-2015:2135", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html" }, { "name": "openSUSE-SU-2015:2136", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html" }, { "name": "77568", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/77568" }, { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "FEDORA-2015-5e52306c9c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html" }, { "name": "FEDORA-2015-ec2ddd15d7", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html" }, { "name": "GLSA-201611-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201611-08" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "DSA-3507", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3507" }, { "name": "FEDORA-2015-501493d853", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html" }, { "name": "1034142", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034142" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "FEDORA-2015-1d87313b7c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html" }, { "name": "DSA-3399", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3399" }, { "name": "RHSA-2015:2595", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2595.html" }, { "name": "RHSA-2015:2596", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2596.html" }, { "name": "openSUSE-SU-2015:2262", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html" }, { "name": "FEDORA-2015-8a1243db75", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html" }, { "name": "FEDORA-2015-13668fff74", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148" }, { "name": "openSUSE-SU-2015:2100", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html" }, { "name": "[oss-security] 20151112 CVE request: libpng buffer overflow in png_set_PLTE", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/11/12/2" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "openSUSE-SU-2016:0105", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html" }, { "name": "FEDORA-2015-97fc1797fa", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html" }, { "name": "openSUSE-SU-2016:0729", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "FEDORA-2016-43735c33a7", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html" }, { "name": "SUSE-SU-2016:0665", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html" }, { "name": "GLSA-201603-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201603-09" }, { "name": "FEDORA-2016-9a1c707b10", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html" }, { "name": "openSUSE-SU-2015:2263", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "FEDORA-2015-c80ec85542", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html" }, { "name": "openSUSE-SU-2015:2099", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html" }, { "name": "USN-2815-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2815-1" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "FEDORA-2015-4ad4998d00", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html" }, { "name": "RHSA-2015:2594", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2594.html" }, { "name": "FEDORA-2015-233750b6ab", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://code.google.com/p/chromium/issues/detail?id=560291" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" }, { "name": "openSUSE-SU-2016:0104", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-11-12T00:00:00", "descriptions": [ { "lang": "en", "value": "Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "APPLE-SA-2016-03-21-5", "tags": [ "vendor-advisory", "x_refsource_APPLE" ], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "name": "openSUSE-SU-2016:0664", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html" }, { "name": "openSUSE-SU-2016:0103", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html" }, { "name": "openSUSE-SU-2016:0684", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.apple.com/HT206167" }, { "name": "openSUSE-SU-2015:2135", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html" }, { "name": "openSUSE-SU-2015:2136", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html" }, { "name": "77568", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/77568" }, { "name": "openSUSE-SU-2016:0272", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "FEDORA-2015-5e52306c9c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html" }, { "name": "FEDORA-2015-ec2ddd15d7", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html" }, { "name": "GLSA-201611-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201611-08" }, { "name": "openSUSE-SU-2016:0279", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "DSA-3507", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3507" }, { "name": "FEDORA-2015-501493d853", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html" }, { "name": "1034142", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034142" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "FEDORA-2015-1d87313b7c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html" }, { "name": "DSA-3399", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3399" }, { "name": "RHSA-2015:2595", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2595.html" }, { "name": "RHSA-2015:2596", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2596.html" }, { "name": "openSUSE-SU-2015:2262", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html" }, { "name": "FEDORA-2015-8a1243db75", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html" }, { "name": "FEDORA-2015-13668fff74", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "name": "openSUSE-SU-2016:0270", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148" }, { "name": "openSUSE-SU-2015:2100", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html" }, { "name": "[oss-security] 20151112 CVE request: libpng buffer overflow in png_set_PLTE", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/11/12/2" }, { "name": "SUSE-SU-2016:0269", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "openSUSE-SU-2016:0105", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html" }, { "name": "FEDORA-2015-97fc1797fa", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html" }, { "name": "openSUSE-SU-2016:0729", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html" }, { "name": "openSUSE-SU-2016:0263", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "FEDORA-2016-43735c33a7", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html" }, { "name": "SUSE-SU-2016:0665", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html" }, { "name": "GLSA-201603-09", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201603-09" }, { "name": "FEDORA-2016-9a1c707b10", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html" }, { "name": "openSUSE-SU-2015:2263", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html" }, { "name": "RHSA-2016:0057", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "FEDORA-2015-c80ec85542", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html" }, { "name": "openSUSE-SU-2015:2099", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html" }, { "name": "USN-2815-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2815-1" }, { "name": "RHSA-2016:0056", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "FEDORA-2015-4ad4998d00", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html" }, { "name": "RHSA-2015:2594", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2594.html" }, { "name": "FEDORA-2015-233750b6ab", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://code.google.com/p/chromium/issues/detail?id=560291" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" }, { "name": "SUSE-SU-2016:0265", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" }, { "name": "openSUSE-SU-2016:0104", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8126", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "APPLE-SA-2016-03-21-5", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html" }, { "name": "openSUSE-SU-2016:0664", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00014.html" }, { "name": "openSUSE-SU-2016:0103", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00028.html" }, { "name": "openSUSE-SU-2016:0684", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00018.html" }, { "name": "https://support.apple.com/HT206167", "refsource": "CONFIRM", "url": "https://support.apple.com/HT206167" }, { "name": "openSUSE-SU-2015:2135", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00159.html" }, { "name": "openSUSE-SU-2015:2136", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00160.html" }, { "name": "77568", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77568" }, { "name": "openSUSE-SU-2016:0272", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html" }, { "name": "FEDORA-2015-5e52306c9c", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172324.html" }, { "name": "FEDORA-2015-ec2ddd15d7", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172647.html" }, { "name": "GLSA-201611-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201611-08" }, { "name": "openSUSE-SU-2016:0279", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html" }, { "name": "DSA-3507", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3507" }, { "name": "FEDORA-2015-501493d853", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172663.html" }, { "name": "1034142", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034142" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:1430", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1430" }, { "name": "FEDORA-2015-1d87313b7c", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172620.html" }, { "name": "DSA-3399", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3399" }, { "name": "RHSA-2015:2595", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2595.html" }, { "name": "RHSA-2015:2596", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2596.html" }, { "name": "openSUSE-SU-2015:2262", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00062.html" }, { "name": "FEDORA-2015-8a1243db75", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172823.html" }, { "name": "FEDORA-2015-13668fff74", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172769.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html" }, { "name": "openSUSE-SU-2016:0270", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148" }, { "name": "openSUSE-SU-2015:2100", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00034.html" }, { "name": "[oss-security] 20151112 CVE request: libpng buffer overflow in png_set_PLTE", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2015/11/12/2" }, { "name": "SUSE-SU-2016:0269", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html" }, { "name": "openSUSE-SU-2016:0105", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00030.html" }, { "name": "FEDORA-2015-97fc1797fa", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172797.html" }, { "name": "openSUSE-SU-2016:0729", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00028.html" }, { "name": "openSUSE-SU-2016:0263", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html" }, { "name": "SUSE-SU-2016:0256", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "FEDORA-2016-43735c33a7", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177382.html" }, { "name": "SUSE-SU-2016:0665", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00015.html" }, { "name": "GLSA-201603-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201603-09" }, { "name": "FEDORA-2016-9a1c707b10", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177344.html" }, { "name": "openSUSE-SU-2015:2263", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00063.html" }, { "name": "RHSA-2016:0057", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0057.html" }, { "name": "RHSA-2016:0055", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "FEDORA-2015-c80ec85542", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174905.html" }, { "name": "openSUSE-SU-2015:2099", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00033.html" }, { "name": "USN-2815-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2815-1" }, { "name": "RHSA-2016:0056", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0056.html" }, { "name": "openSUSE-SU-2016:0268", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html" }, { "name": "FEDORA-2015-4ad4998d00", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175073.html" }, { "name": "RHSA-2015:2594", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-2594.html" }, { "name": "FEDORA-2015-233750b6ab", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174936.html" }, { "name": "https://code.google.com/p/chromium/issues/detail?id=560291", "refsource": "CONFIRM", "url": "https://code.google.com/p/chromium/issues/detail?id=560291" }, { "name": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html", "refsource": "CONFIRM", "url": "http://googlechromereleases.blogspot.com/2016/03/stable-channel-update.html" }, { "name": "SUSE-SU-2016:0265", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html" }, { "name": "openSUSE-SU-2016:0104", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-01/msg00029.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-8126", "datePublished": "2015-11-13T02:00:00", "dateReserved": "2015-11-12T00:00:00", "dateUpdated": "2024-08-06T08:13:31.073Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-0475 (GCVE-0-2016-0475)
Vulnerability from cvelistv5
Published
2016-01-21 02:00
Modified
2024-08-05 22:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries.
References
URL | Tags | ||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T22:22:55.215Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-19T00:00:00", "descriptions": [ { "lang": "en", "value": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-06-30T16:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle" }, "references": [ { "name": "1034715", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034715" }, { "name": "GLSA-201610-08", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201610-08" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:0049", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148" }, { "name": "SUSE-SU-2016:0256", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "RHSA-2016:0055", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0050", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2016-0475", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Libraries." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "1034715", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034715" }, { "name": "GLSA-201610-08", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-08" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html" }, { "name": "RHSA-2016:0049", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0049.html" }, { "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10148" }, { "name": "SUSE-SU-2016:0256", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html" }, { "name": "RHSA-2016:0055", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0055.html" }, { "name": "RHSA-2016:0050", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0050.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2016-0475", "datePublished": "2016-01-21T02:00:00", "dateReserved": "2015-12-09T00:00:00", "dateUpdated": "2024-08-05T22:22:55.215Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…