10

CVE-2016-3443

EPSS 3.4%
Published 21.04.2016 11:00:32
Last modified 12.04.2025 10:46:40
Source secalert_us@oracle.com
Teams watchlist Login
Open Login

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.  NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read.

Affected products Warnungen 0 Metrics 3 CWE 0 References 27

Data is provided by the National Vulnerability Database (NVD)

Oracle ≫ Jdk Version1.6.0 Updateupdate113

Oracle ≫ Jdk Version1.7.0 Updateupdate99

Oracle ≫ Jdk Version1.8.0 Updateupdate77

Oracle ≫ Jre Version1.6.0 Updateupdate113

Oracle ≫ Jre Version1.7.0 Updateupdate99

Oracle ≫ Jre Version1.8.0 Updateupdate77

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.4%	0.869

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.6	2.8	6	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

Vendor Advisory

https://access.redhat.com/errata/RHSA-2016:1430

https://security.gentoo.org/glsa/201606-18

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html

http://rhn.redhat.com/errata/RHSA-2016-0677.html

http://rhn.redhat.com/errata/RHSA-2016-0678.html

http://rhn.redhat.com/errata/RHSA-2016-0679.html

http://rhn.redhat.com/errata/RHSA-2016-0701.html

http://rhn.redhat.com/errata/RHSA-2016-0702.html

http://rhn.redhat.com/errata/RHSA-2016-0708.html

http://rhn.redhat.com/errata/RHSA-2016-0716.html

http://rhn.redhat.com/errata/RHSA-2016-1039.html

http://www.securitytracker.com/id/1035596

https://access.redhat.com/errata/RHSA-2017:1216

https://security.netapp.com/advisory/ntap-20160420-0001/

http://www.securityfocus.com/bid/86482

http://www.zerodayinitiative.com/advisories/ZDI-16-376

https://nvd.nist.gov/vuln/detail/CVE-2016-3443

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2016-3443

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2016-3443

EUVD