CVE-2016-3598

Description

Unspecified vulnerability in Oracle Java SE 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Libraries, a different vulnerability than CVE-2016-3610.

Risk Information

Base Score

9.6

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

EPSS Score

Exploitation Probability

7.073

Associated Vulnerability

Vulnerability	OS Platform
Multiple Vulnerabilities are affected in Java SE Development Kit 1.8.0	Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) 8.17	Windows
Multiple vulnerabilities are fixed in Azul Zulu JDK 8 (MSI) (x64) 8.17	Windows
Multiple vulnerabilities are affected in Java SE Development Kit 8.0.920	Windows
Multiple vulnerabilities are affected in Java SE Development Kit (x64) 8.0.920	Windows
Multiple vulnerabilities are affected in Java Runtime Environment 1.8 8.0.920	Windows
Multiple vulnerabilities are affected in Java Runtime Environment 1.8 (x64) 8.0.920	Windows
Multiple Vulnerabilities are affected in IBM Tivoli Monitoring 6.3.0	Windows
Multiple Vulnerabilities are affected in IBM Cognos Analytics 11.0.6.0	Windows
Open Source Java implementation (USN-3062-1) openjdk-7-jre_7u111-2.6.7-0ubuntu0.14.04.3_i386.deb	Linux
Open Source Java implementation (USN-3062-1) openjdk-7-jre_7u111-2.6.7-0ubuntu0.14.04.3_amd64.deb	Linux
Open Source Java implementation (USN-3062-1) openjdk-7-jre-lib_7u111-2.6.7-0ubuntu0.14.04.3_all.deb	Linux
Open Source Java implementation (USN-3062-1) openjdk-7-jre-zero_7u111-2.6.7-0ubuntu0.14.04.3_i386.deb	Linux
Open Source Java implementation (USN-3062-1) openjdk-7-jre-zero_7u111-2.6.7-0ubuntu0.14.04.3_amd64.deb	Linux
Open Source Java implementation (USN-3062-1) icedtea-7-jre-jamvm_7u111-2.6.7-0ubuntu0.14.04.3_i386.deb	Linux
Open Source Java implementation (USN-3062-1) icedtea-7-jre-jamvm_7u111-2.6.7-0ubuntu0.14.04.3_amd64.deb	Linux
Open Source Java implementation (USN-3062-1) openjdk-7-jre-headless_7u111-2.6.7-0ubuntu0.14.04.3_i386.deb	Linux
Open Source Java implementation (USN-3062-1) openjdk-7-jre-headless_7u111-2.6.7-0ubuntu0.14.04.3_amd64.deb	Linux

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-333702	Java SE Development Kit 8 Update 391 (32-bit) (8.0.3910.13) (JDK) (Manual Upload Required)
PATCH-344728	Azul Zulu JDK 8 (MSI) (8.84.0.15)
PATCH-344692	Azul Zulu JDK 8 (MSI) (x64) (8.84.0.15)
PATCH-349783	Java SE Development Kit (8.0.4610.11) (Manual Upload Required)
PATCH-349784	Java SE Development Kit (x64) (8.0.4610.11) (Manual Upload Required)
PATCH-349781	Java Runtime Environment 1.8 (8.0.4610.11) (Manual Upload Required)
PATCH-349782	Java Runtime Environment 1.8 (x64) (8.0.4610.11) (Manual Upload Required)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234