CVE-2016-3485Oracle JDK vulnerability

6 documents6 sources
Severity
2.9LOWNVD
EPSS
0.0%
top 87.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Oracle JDKOracle JREOracle Jrockit
Timeline
PublishedJul 21
Latest updateMay 13

Description

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 1.4 | Impact: 1.4

Affected Packages3 packages

NVDoracle/jrockitr28.3.10
NVDoracle/jdk1.6.0, 1.7.0, 1.8.0+2
NVDoracle/jre1.6.0, 1.7.0, 1.8.0+2

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-c5cc-pp8q-5p3c: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R282022-05-13
CVEList
CVE-2016-3485: Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R282016-07-21

📋Vendor Advisories

2
Red Hat
OpenJDK: weak authentication secret in Pipe implementation on Windows (Networking, 8145446)2016-07-19
Debian
CVE-2016-3485: openjdk-8 - Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embe...2016

💬Community

1
Bugzilla
CVE-2016-3485 OpenJDK: weak authentication secret in Pipe implementation on Windows (Networking, 8145446)2016-07-18
CVE-2016-3485 — Oracle JDK vulnerability | cvebase