CVE-2016-3425

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect availability via vectors related to JAXP.

CVSS v3.0 4.3 MEDIUM
CVSS v2.0 5.0 MEDIUM

4.3^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector : AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Exploitability : 2.8 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html	Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2016-0723.html
https://security.gentoo.org/glsa/201606-18
http://www.securityfocus.com/bid/86434
https://kc.mcafee.com/corporate/index?page=content&id=SB10159
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html
http://rhn.redhat.com/errata/RHSA-2016-0676.html
http://rhn.redhat.com/errata/RHSA-2016-0675.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html
http://www.ubuntu.com/usn/USN-2972-1
http://www.ubuntu.com/usn/USN-2963-1
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html
http://rhn.redhat.com/errata/RHSA-2016-0679.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html
http://www.ubuntu.com/usn/USN-2964-1
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html
http://rhn.redhat.com/errata/RHSA-2016-0677.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html
http://rhn.redhat.com/errata/RHSA-2016-0678.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html
http://rhn.redhat.com/errata/RHSA-2016-0651.html
http://rhn.redhat.com/errata/RHSA-2016-0650.html
http://www.debian.org/security/2016/dsa-3558
http://www.securitytracker.com/id/1035596
https://security.netapp.com/advisory/ntap-20160420-0001/

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:jrockit:r28.3.9:::::::*
	cpe:2.3:a:oracle:jdk:1.8.0:update77::::::
	cpe:2.3:a:oracle:jdk:1.6.0:update113::::::
	cpe:2.3:a:oracle:jdk:1.7.0:update99::::::
	cpe:2.3:a:oracle:jre:1.6.0:update113::::::
	cpe:2.3:a:oracle:jre:1.7.0:update99::::::
	cpe:2.3:a:oracle:jre:1.8.0:update77::::::

Information

Published : 2016-04-21 04:00

Updated : 2022-05-13 07:57

NVD link : CVE-2016-3425

Mitre link : CVE-2016-3425

JSON object : View

CWE

NVD-CWE-noinfo

Products Affected

oracle

jrockit
jdk
jre

4.3 /10

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

5.0 /10

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2016-3425

4.3^/10

5.0^/10

Attach tags to `CVE-2016-3425`