CVE-2016-0264

CWE-119 — Buffer Overflow CWE-120 — Classic Buffer Overflow7 documents6 sources

Severity

5.6MEDIUM

EPSS

12.8%

top 5.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

13

IBM Java SDK Redhat Enterprise Linux Desktop Redhat Enterprise Linux HPC Node Supplementary +10 more

Timeline

PublishedMay 24

Latest updateMay 13

Description

Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:LExploitability: 2.2 | Impact: 3.4

Affected Packages12 packages

▶NVDibm/java_sdk6.0.0.0 — 6.0.16.25+4

▶NVDsuse/manager2.1

▶NVDredhat/satellite5.6, 5.7+1

▶NVDsuse/manager_proxy2.1

▶NVDsuse/openstack_cloud5

Also affects: Enterprise Linux 6.7, 7.2, 7.3, 7.4, 7.5

🔴Vulnerability Details

2

GHSA

GHSA-3p6j-59jx-xr88: Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6↗2022-05-13

▶

CVEList

CVE-2016-0264: Buffer overflow in the Java Virtual Machine (JVM) in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6↗2016-05-24

▶

📋Vendor Advisories

1

Red Hat

JDK: buffer overflow vulnerability in the IBM JVM↗2016-04-27

▶

💬Community

1

Bugzilla

CVE-2016-0264 IBM JDK: buffer overflow vulnerability in the IBM JVM↗2016-04-28

▶