CVE-2016-3610 — Oracle JDK vulnerability
12 documents8 sources
Severity
9.6CRITICALNVD
OSV4.3
EPSS
4.2%
top 11.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 21
Latest updateMay 13
Description
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3598.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:HExploitability: 2.8 | Impact: 6.0
Affected Packages3 packages
Patches
🔴Vulnerability Details
5GHSA▶
GHSA-4f7v-wmgw-vvrf: Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availabil↗2022-05-13
OSV▶
CVE-2016-3610: Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availabil↗2016-07-21
CVEList▶
CVE-2016-3610: Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availabil↗2016-07-21
📋Vendor Advisories
5Red Hat▶
OpenJDK: insufficient value count check in MethodHandles.filterReturnValue() (Libraries, 8158571)↗2016-07-19
Red Hat▶
OpenJDK: incorrect handling of MethodHandles.dropArguments() argument (Libraries, 8155985)↗2016-07-19
Debian▶
CVE-2016-3610: openjdk-8 - Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allow...↗2016
💬Community
1Bugzilla▶
CVE-2016-3610 OpenJDK: insufficient value count check in MethodHandles.filterReturnValue() (Libraries, 8158571)↗2016-07-15