PT-2016-1803 · Oracle+7 · Jrockit+10
Publicado
2016-04-20
·
Atualizado
2025-09-14
·
CVE-2016-3427
CVSS v2.0
10
Crítica
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Oracle Java SE versions 6u113, 7u99, and 8u77
Java SE Embedded version 8u77
JRockit version R28.3.9
Description
The issue is related to errors in the code of Jrockit and Java Platform, allowing remote attackers to affect confidentiality, integrity, and availability via vectors related to the JMX component. This can lead to a remote attacker influencing the confidentiality, integrity, and availability of information.
Recommendations
For Oracle Java SE versions 6u113, 7u99, and 8u77, consider updating to a version that contains a fix for this issue.
For Java SE Embedded version 8u77, consider updating to a version that contains a fix for this issue.
For JRockit version R28.3.9, consider updating to a version that contains a fix for this issue.
As a temporary workaround, consider restricting access to the JMX component until a patch is available.
Correção
Improper Access Control
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Apache Cassandra
Centos
Ibm Aix
Jrockit
Java Platform
Java Se
Java Se Embedded
Red Hat
Suse
Ubuntu
Vmware Vcenter