CVE-2016-3609

Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9 CRITICAL
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
oracleCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
VendorProductVersion
oracledatabase
11.2.0.4
oracledatabase
12.1.0.1
oracledatabase
12.1.0.2
𝑥
= Vulnerable software versions
References
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.securityfocus.com/bid/91787
http://www.securityfocus.com/bid/91890
http://www.securitytracker.com/id/1036363
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.securityfocus.com/bid/91787
http://www.securityfocus.com/bid/91890
http://www.securitytracker.com/id/1036363