CVE-2016-0466
Description
Unspecified vulnerability in the Java SE, Java SE Embedded, and JRockit components in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect availability via vectors related to JAXP.
Risk Information
Base Score
9.6
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
4.23
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Java SE Development Kit 1.8.0 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 7 7.13 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 7 (x64) 7.13 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) 8.13 | Windows |
| Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) (x64) 8.13 | Windows |
| Multiple vulnerabilities are fixed in IBM WebSphere 8.0.0.13 | Windows |
| Multiple vulnerabilities are fixed in IBM WebSphere 8.5.5.9 | Windows |
| Multiple vulnerabilities are fixed in IBM WebSphere 7.0.0.41 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.2.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.1.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Cognos Controller 10.2 | Windows |
| Open Source Java implementation (USN-2784-1) icedtea-7-jre-jamvm_7u85-2.6.1-5ubuntu0.15.10.1_i386.deb | Linux |
| Open Source Java implementation (USN-2784-1) icedtea-7-jre-jamvm_7u85-2.6.1-5ubuntu0.15.10.1_amd64.deb | Linux |
| Open Source Java implementation (USN-2884-1) icedtea-7-jre-jamvm_7u95-2.6.4-0ubuntu0.15.04.1_i386.deb | Linux |
| Open Source Java implementation (USN-2884-1) icedtea-7-jre-jamvm_7u95-2.6.4-0ubuntu0.15.04.1_amd64.deb | Linux |
| Open Source Java implementation (USN-2884-1) icedtea-7-jre-jamvm_7u85-2.6.1-5ubuntu0.15.10.1_i386.deb | Linux |
| Open Source Java implementation (USN-2884-1) icedtea-7-jre-jamvm_7u85-2.6.1-5ubuntu0.15.10.1_amd64.deb | Linux |
| Open Source Java implementation (USN-2885-1) icedtea-6-jre-cacao_6b38-1.13.10-0ubuntu0.12.04.1_i386.deb | Linux |
| Open Source Java implementation (USN-2885-1) icedtea-6-jre-cacao_6b38-1.13.10-0ubuntu0.12.04.1_amd64.deb | Linux |
| Open Source Java implementation (USN-2885-1) icedtea-6-jre-jamvm_6b38-1.13.10-0ubuntu0.12.04.1_i386.deb | Linux |
| Open Source Java implementation (USN-2885-1) icedtea-6-jre-jamvm_6b38-1.13.10-0ubuntu0.12.04.1_amd64.deb | Linux |
| CVE-2016-0466 | NCM |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-333702 | Java SE Development Kit 8 Update 391 (32-bit) (8.0.3910.13) (JDK) (Manual Upload Required) |
| PATCH-344728 | Azul Zulu JDK 8 (MSI) (8.84.0.15) |
| PATCH-344692 | Azul Zulu JDK 8 (MSI) (x64) (8.84.0.15) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234