CVE-2016-3598Oracle JDK vulnerability

12 documents8 sources
Severity
9.6CRITICALNVD
OSV4.3
EPSS
7.1%
top 8.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Oracle JDKOracle JREOracle Linux
Timeline
PublishedJul 21
Latest updateMay 13

Description

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0

Affected Packages3 packages

NVDoracle/jdk1.8.0
NVDoracle/jre1.8.0
NVDoracle/linux5.0, 6, 7+2

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

5
GHSA
GHSA-vpvv-5xj9-pv4q: Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availabil2022-05-13
OSV
openjdk-7 vulnerabilities2016-08-16
OSV
openjdk-8 vulnerabilities2016-07-27
OSV
CVE-2016-3598: Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availabil2016-07-21
CVEList
CVE-2016-3598: Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availabil2016-07-21

📋Vendor Advisories

5
Ubuntu
OpenJDK 7 vulnerabilities2016-08-16
Ubuntu
OpenJDK 8 vulnerabilities2016-07-27
Red Hat
OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)2016-07-19
Red Hat
OpenJDK: insufficient value count check in MethodHandles.filterReturnValue() (Libraries, 8158571)2016-07-19
Debian
CVE-2016-3598: openjdk-8 - Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allow...2016

💬Community

1
Bugzilla
CVE-2016-3598 OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)2016-07-15
CVE-2016-3598 — Oracle JDK vulnerability | cvebase