Home

CVE-2016-0686

Description

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 and Java SE Embedded 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Serialization.

Risk Information

Base Score
9.6
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
5.413

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Java SE Development Kit 1.8.0Windows
Vulnerabilities CVE-2016-0686,CVE-2016-0687,CVE-2016-3427,CVE-2016-3425 are fixed in Azul Zulu JDK 7 7.14Windows
Vulnerabilities CVE-2016-0686,CVE-2016-0687,CVE-2016-3427,CVE-2016-3425 are fixed in Azul Zulu JDK 7 (x64) 7.14Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) 8.15Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) (x64) 8.15Windows
Multiple vulnerabilities are affected in Java SE Development Kit 8.0.770Windows
Multiple vulnerabilities are affected in Java SE Development Kit (x64) 8.0.770Windows
Multiple vulnerabilities are affected in Java Runtime Environment 1.8 8.0.770Windows
Multiple vulnerabilities are affected in Java Runtime Environment 1.8 (x64) 8.0.770Windows
Multiple vulnerabilities are affected in Java SE Development Kit 7 (x64) 7.0.990Windows
Multiple vulnerabilities are affected in Java SE Development Kit 7 (x86) 7.0.990Windows
Multiple Vulnerabilities are affected in IBM Tivoli Monitoring 6.3.0Windows
Open Source Java implementation (USN-2963-1) openjdk-8-jdk_8u91-b14-0ubuntu4~16.04.1_i386.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jdk_8u91-b14-0ubuntu4~16.04.1_amd64.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jre_8u91-b14-0ubuntu4~16.04.1_i386.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jre_8u91-b14-0ubuntu4~16.04.1_amd64.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jre-zero_8u91-b14-0ubuntu4~16.04.1_i386.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jre-zero_8u91-b14-0ubuntu4~16.04.1_amd64.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jre-jamvm_8u91-b14-0ubuntu4~16.04.1_i386.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jre-jamvm_8u91-b14-0ubuntu4~16.04.1_amd64.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jdk-headless_8u91-b14-0ubuntu4~16.04.1_i386.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jdk-headless_8u91-b14-0ubuntu4~16.04.1_amd64.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jre-headless_8u91-b14-0ubuntu4~16.04.1_i386.debLinux
Open Source Java implementation (USN-2963-1) openjdk-8-jre-headless_8u91-b14-0ubuntu4~16.04.1_amd64.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jdk_7u101-2.6.6-0ubuntu0.15.10.1_i386.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jdk_7u101-2.6.6-0ubuntu0.15.10.1_amd64.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre_7u101-2.6.6-0ubuntu0.14.04.1_i386.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre_7u101-2.6.6-0ubuntu0.14.04.1_amd64.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre_7u101-2.6.6-0ubuntu0.15.10.1_i386.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre_7u101-2.6.6-0ubuntu0.15.10.1_amd64.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-source_7u101-2.6.6-0ubuntu0.15.10.1_all.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre-lib_7u101-2.6.6-0ubuntu0.14.04.1_all.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre-lib_7u101-2.6.6-0ubuntu0.15.10.1_all.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre-zero_7u101-2.6.6-0ubuntu0.14.04.1_i386.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre-zero_7u101-2.6.6-0ubuntu0.14.04.1_amd64.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre-zero_7u101-2.6.6-0ubuntu0.15.10.1_i386.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre-zero_7u101-2.6.6-0ubuntu0.15.10.1_amd64.debLinux
Open Source Java implementation (USN-2964-1) icedtea-7-jre-jamvm_7u101-2.6.6-0ubuntu0.14.04.1_i386.debLinux
Open Source Java implementation (USN-2964-1) icedtea-7-jre-jamvm_7u101-2.6.6-0ubuntu0.14.04.1_amd64.debLinux
Open Source Java implementation (USN-2964-1) icedtea-7-jre-jamvm_7u101-2.6.6-0ubuntu0.15.10.1_i386.debLinux
Open Source Java implementation (USN-2964-1) icedtea-7-jre-jamvm_7u101-2.6.6-0ubuntu0.15.10.1_amd64.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre-headless_7u101-2.6.6-0ubuntu0.14.04.1_i386.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre-headless_7u101-2.6.6-0ubuntu0.14.04.1_amd64.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre-headless_7u101-2.6.6-0ubuntu0.15.10.1_i386.debLinux
Open Source Java implementation (USN-2964-1) openjdk-7-jre-headless_7u101-2.6.6-0ubuntu0.15.10.1_amd64.debLinux
Open Source Java implementation (USN-2972-1) openjdk-6-jre_6b39-1.13.11-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-2972-1) openjdk-6-jre_6b39-1.13.11-0ubuntu0.12.04.1_amd64.debLinux
Open Source Java implementation (USN-2972-1) openjdk-6-jre-lib_6b39-1.13.11-0ubuntu0.12.04.1_all.debLinux
Open Source Java implementation (USN-2972-1) openjdk-6-jre-zero_6b39-1.13.11-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-2972-1) openjdk-6-jre-zero_6b39-1.13.11-0ubuntu0.12.04.1_amd64.debLinux
Open Source Java implementation (USN-2972-1) icedtea-6-jre-cacao_6b39-1.13.11-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-2972-1) icedtea-6-jre-cacao_6b39-1.13.11-0ubuntu0.12.04.1_amd64.debLinux
Open Source Java implementation (USN-2972-1) icedtea-6-jre-jamvm_6b39-1.13.11-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-2972-1) icedtea-6-jre-jamvm_6b39-1.13.11-0ubuntu0.12.04.1_amd64.debLinux
Open Source Java implementation (USN-2972-1) openjdk-6-jre-headless_6b39-1.13.11-0ubuntu0.12.04.1_i386.debLinux
Open Source Java implementation (USN-2972-1) openjdk-6-jre-headless_6b39-1.13.11-0ubuntu0.12.04.1_amd64.debLinux
SUSE-SU-2016:1250-1(SUSE Linux Enterprise Desktop 12 ) java-1_7_0-openjdk-1.7.0.101-30.1.x86_64.rpmLinux
SUSE-SU-2016:1250-1(SUSE Linux Enterprise Desktop 12 ) java-1_7_0-openjdk-debuginfo-1.7.0.101-30.1.x86_64.rpmLinux
SUSE-SU-2016:1250-1(SUSE Linux Enterprise Desktop 12 ) java-1_7_0-openjdk-debugsource-1.7.0.101-30.1.x86_64.rpmLinux
SUSE-SU-2016:1250-1(SUSE Linux Enterprise Server 12 ) java-1_7_0-openjdk-demo-1.7.0.101-30.1.x86_64.rpmLinux
SUSE-SU-2016:1250-1(SUSE Linux Enterprise Server 12 ) java-1_7_0-openjdk-demo-debuginfo-1.7.0.101-30.1.x86_64.rpmLinux
SUSE-SU-2016:1250-1(SUSE Linux Enterprise Server 12 ) java-1_7_0-openjdk-devel-1.7.0.101-30.1.x86_64.rpmLinux
SUSE-SU-2016:1250-1(SUSE Linux Enterprise Server 12 ) java-1_7_0-openjdk-devel-debuginfo-1.7.0.101-30.1.x86_64.rpmLinux
SUSE-SU-2016:1250-1(SUSE Linux Enterprise Desktop 12 ) java-1_7_0-openjdk-headless-1.7.0.101-30.1.x86_64.rpmLinux
SUSE-SU-2016:1250-1(SUSE Linux Enterprise Desktop 12 ) java-1_7_0-openjdk-headless-debuginfo-1.7.0.101-30.1.x86_64.rpmLinux
SUSE-SU-2016:1299-1(SUSE Linux Enterprise Server 12 ) java-1_7_1-ibm-1.7.1_sr3.40-25.1.x86_64.rpmLinux
SUSE-SU-2016:1299-1(SUSE Linux Enterprise Server 12 ) java-1_7_1-ibm-alsa-1.7.1_sr3.40-25.1.x86_64.rpmLinux
SUSE-SU-2016:1299-1(SUSE Linux Enterprise Server 12 ) java-1_7_1-ibm-jdbc-1.7.1_sr3.40-25.1.x86_64.rpmLinux
SUSE-SU-2016:1299-1(SUSE Linux Enterprise Server 12 ) java-1_7_1-ibm-plugin-1.7.1_sr3.40-25.1.x86_64.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-333702Java SE Development Kit 8 Update 391 (32-bit) (8.0.3910.13) (JDK) (Manual Upload Required)
PATCH-344728Azul Zulu JDK 8 (MSI) (8.84.0.15)
PATCH-344692Azul Zulu JDK 8 (MSI) (x64) (8.84.0.15)
PATCH-349783Java SE Development Kit (8.0.4610.11) (Manual Upload Required)
PATCH-349784Java SE Development Kit (x64) (8.0.4610.11) (Manual Upload Required)
PATCH-349781Java Runtime Environment 1.8 (8.0.4610.11) (Manual Upload Required)
PATCH-349782Java Runtime Environment 1.8 (x64) (8.0.4610.11) (Manual Upload Required)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234