CVE-2016-3587

EUVD-2016-4613
Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.6 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
Affected Products (NVD)
VendorProductVersion
oraclejdk
1.8.0
oraclejdk
1.8.0
oraclejre
1.8.0
oraclejre
1.8.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openjdk-8
sid
8u432-b06-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
icedtea-web
precise
not-affected
trusty
dne
wily
not-affected
xenial
not-affected
openjdk-6
precise
not-affected
trusty
dne
wily
ignored
xenial
dne
openjdk-7
precise
not-affected
trusty
dne
wily
ignored
xenial
dne
openjdk-8
precise
dne
trusty
dne
wily
Fixed 8u91-b14-3ubuntu1~15.10.1
released
xenial
Fixed 8u91-b14-3ubuntu1~16.04.1
released
References
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html
http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91787
http://www.securityfocus.com/bid/91904
http://www.securitytracker.com/id/1036365
http://www.ubuntu.com/usn/USN-3043-1
https://access.redhat.com/errata/RHSA-2016:1458
https://access.redhat.com/errata/RHSA-2016:1475
https://security.gentoo.org/glsa/201610-08
https://security.gentoo.org/glsa/201701-43
https://security.netapp.com/advisory/ntap-20160721-0001/
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html
http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
http://www.securityfocus.com/bid/91787
http://www.securityfocus.com/bid/91904
http://www.securitytracker.com/id/1036365
http://www.ubuntu.com/usn/USN-3043-1
https://access.redhat.com/errata/RHSA-2016:1458
https://access.redhat.com/errata/RHSA-2016:1475
https://security.gentoo.org/glsa/201610-08
https://security.gentoo.org/glsa/201701-43
https://security.netapp.com/advisory/ntap-20160721-0001/