Home

CVE-2016-0483

Description

Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.

Risk Information

Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
12.599

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Java SE Development Kit 1.8.0Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 7 7.13Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 7 (x64) 7.13Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) 8.13Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) (x64) 8.13Windows
Open Source Java implementation (USN-1505-1) openjdk-6-jre_6b38-1.13.10-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-1505-1) openjdk-6-jre_6b38-1.13.10-0ubuntu0.12.04.1_amd64.debLinux
Open Source Java implementation (USN-1553-1) openjdk-6-jre-lib_6b38-1.13.10-0ubuntu0.12.04.1_all.debLinux
Open Source Java implementation (USN-1553-1) openjdk-6-jre-zero_6b38-1.13.10-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-1553-1) openjdk-6-jre-zero_6b38-1.13.10-0ubuntu0.12.04.1_amd64.debLinux
Open Source Java implementation (USN-1553-1) openjdk-6-jre-headless_6b38-1.13.10-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-1553-1) openjdk-6-jre-headless_6b38-1.13.10-0ubuntu0.12.04.1_amd64.debLinux
Open Source Java implementation (USN-2187-1) openjdk-7-jre-lib_7u95-2.6.4-0ubuntu0.14.04.1_all.debLinux
Open Source Java implementation (USN-2487-1) openjdk-7-source_7u95-2.6.4-0ubuntu0.14.04.1_all.debLinux
Open Source Java implementation (USN-2573-1) openjdk-6-jdk_6b38-1.13.10-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-2573-1) openjdk-6-jdk_6b38-1.13.10-0ubuntu0.12.04.1_amd64.debLinux
Open Source Java implementation (USN-2573-1) openjdk-6-source_6b38-1.13.10-0ubuntu0.12.04.1_all.debLinux
Open Source Java implementation (USN-2696-1) openjdk-7-jdk_7u95-2.6.4-0ubuntu0.15.04.1_i386.debLinux
Open Source Java implementation (USN-2696-1) openjdk-7-jdk_7u95-2.6.4-0ubuntu0.15.04.1_amd64.debLinux
Open Source Java implementation (USN-2696-1) openjdk-7-jre_7u95-2.6.4-0ubuntu0.15.04.1_i386.debLinux
Open Source Java implementation (USN-2696-1) openjdk-7-jre_7u95-2.6.4-0ubuntu0.15.04.1_amd64.debLinux
Open Source Java implementation (USN-2696-1) openjdk-7-jre-lib_7u95-2.6.4-0ubuntu0.15.04.1_all.debLinux
Open Source Java implementation (USN-2696-1) openjdk-7-jre-zero_7u95-2.6.4-0ubuntu0.15.04.1_i386.debLinux
Open Source Java implementation (USN-2696-1) openjdk-7-jre-zero_7u95-2.6.4-0ubuntu0.15.04.1_amd64.debLinux
Open Source Java implementation (USN-2696-1) openjdk-7-jre-headless_7u95-2.6.4-0ubuntu0.15.04.1_i386.debLinux
Open Source Java implementation (USN-2696-1) openjdk-7-jre-headless_7u95-2.6.4-0ubuntu0.15.04.1_amd64.debLinux
Open Source Java implementation (USN-2784-1) icedtea-7-jre-jamvm_7u85-2.6.1-5ubuntu0.15.10.1_i386.debLinux
Open Source Java implementation (USN-2784-1) icedtea-7-jre-jamvm_7u85-2.6.1-5ubuntu0.15.10.1_amd64.debLinux
Open Source Java implementation (USN-2884-1) icedtea-7-jre-jamvm_7u95-2.6.4-0ubuntu0.15.04.1_i386.debLinux
Open Source Java implementation (USN-2884-1) icedtea-7-jre-jamvm_7u95-2.6.4-0ubuntu0.15.04.1_amd64.debLinux
Open Source Java implementation (USN-2884-1) icedtea-7-jre-jamvm_7u85-2.6.1-5ubuntu0.15.10.1_i386.debLinux
Open Source Java implementation (USN-2884-1) icedtea-7-jre-jamvm_7u85-2.6.1-5ubuntu0.15.10.1_amd64.debLinux
Open Source Java implementation (USN-2885-1) icedtea-6-jre-cacao_6b38-1.13.10-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-2885-1) icedtea-6-jre-cacao_6b38-1.13.10-0ubuntu0.12.04.1_amd64.debLinux
Open Source Java implementation (USN-2885-1) icedtea-6-jre-jamvm_6b38-1.13.10-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-2885-1) icedtea-6-jre-jamvm_6b38-1.13.10-0ubuntu0.12.04.1_amd64.debLinux
CVE-2016-0483NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-333702Java SE Development Kit 8 Update 391 (32-bit) (8.0.3910.13) (JDK) (Manual Upload Required)
PATCH-344728Azul Zulu JDK 8 (MSI) (8.84.0.15)
PATCH-344692Azul Zulu JDK 8 (MSI) (x64) (8.84.0.15)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234