CVE-2016-0603
Description
Unspecified vulnerability in the Java SE component in Oracle Java SE 6u111, 7u95, 8u71, and 8u72, when running on Windows, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. NOTE: the previous information is from Oracles Security Alert for CVE-2016-0603. Oracle has not commented on third-party claims that this is an untrusted search path issue that allows local users to gain privileges via a Trojan horse dll in the application directory.
Risk Information
Base Score
7.8
MODERATE
Vector
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
3.0
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple vulnerabilities affected in Java jdk (x64) 8.0(x64) | Windows |
| Multiple vulnerabilities affected in Java jdk 8.0 | Windows |
| Multiple vulnerabilities affected in Java jre (x64) 8.0(x64) | Windows |
| Multiple vulnerabilities affected in Java jre 8.0 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-333701 | Java SE Development Kit 8 Update 391 (64-bit) (8.0.3910.13) (JDK) (Manual Upload Required) |
| PATCH-333702 | Java SE Development Kit 8 Update 391 (32-bit) (8.0.3910.13) (JDK) (Manual Upload Required) |
| PATCH-349782 | Java Runtime Environment 1.8 (x64) (8.0.4610.11) (Manual Upload Required) |
| PATCH-306097 | Update for Java Runtime Environment (1.8.141) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234