10

CVE-2016-3443

EPSS 3.4%
Veröffentlicht 21.04.2016 11:00:32
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secalert_us@oracle.com
Teams Watchlist Login
Unerledigt Login

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.  NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 0 Referenzen 27

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Oracle ≫ Jdk Version1.6.0 Updateupdate113

Oracle ≫ Jdk Version1.7.0 Updateupdate99

Oracle ≫ Jdk Version1.8.0 Updateupdate77

Oracle ≫ Jre Version1.6.0 Updateupdate113

Oracle ≫ Jre Version1.7.0 Updateupdate99

Oracle ≫ Jre Version1.8.0 Updateupdate77

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.4%	0.869

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.6	2.8	6	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

Vendor Advisory

https://access.redhat.com/errata/RHSA-2016:1430

https://security.gentoo.org/glsa/201606-18

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html

http://rhn.redhat.com/errata/RHSA-2016-0677.html

http://rhn.redhat.com/errata/RHSA-2016-0678.html

http://rhn.redhat.com/errata/RHSA-2016-0679.html

http://rhn.redhat.com/errata/RHSA-2016-0701.html

http://rhn.redhat.com/errata/RHSA-2016-0702.html

http://rhn.redhat.com/errata/RHSA-2016-0708.html

http://rhn.redhat.com/errata/RHSA-2016-0716.html

http://rhn.redhat.com/errata/RHSA-2016-1039.html

http://www.securitytracker.com/id/1035596

https://access.redhat.com/errata/RHSA-2017:1216

https://security.netapp.com/advisory/ntap-20160420-0001/

http://www.securityfocus.com/bid/86482

http://www.zerodayinitiative.com/advisories/ZDI-16-376

https://nvd.nist.gov/vuln/detail/CVE-2016-3443

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-3443

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-3443

EUVD