PT-2016-5451 · Oracle+5 · Oracle Java Se+8

Publicado

2016-04-20

·

Atualizado

2024-06-15

·

CVE-2016-3426

CVSS v2.0

4.3

Média

VetorAV:N/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Oracle Java SE version 8u77 Java SE Embedded version 8u77
Description The issue allows remote attackers to affect confidentiality. It is related to vectors in JCE. A vulnerability in IBM Java SDK could allow a remote attacker to execute arbitrary code on the system by escalating privileges through modification or removal of the security manager.
Recommendations For Oracle Java SE version 8u77, update to a version that fixes the issue. For Java SE Embedded version 8u77, update to a version that fixes the issue. As a temporary workaround, consider restricting access to JCE components until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

CESA-2016_0650
CESA-2016_0651
CVE-2016-3426
DLA-451-1
DSA-3558-1
MGASA-2016-0149
OPENSUSE-SU-2016_1222-1
OPENSUSE-SU-2016_1262-1
OPENSUSE-SU-2024:10197-1
RHSA-2016:0650
RHSA-2016:0651
RHSA-2016:0677
RHSA-2016:0701
RHSA-2016:0702
RHSA-2016:0708
RHSA-2016:0716
RHSA-2016:1039
RHSA-2016:1430
RHSA-2016_0650
RHSA-2016_0651
RHSA-2016_0677
RHSA-2016_0701
RHSA-2016_0708
RHSA-2016_0716
RHSA-2016_1039
RHSA-2017:1216
SUSE-SU-2016:1248-1
SUSE-SU-2016:1299-1
SUSE-SU-2016:1300-1
SUSE-SU-2016:1303-1
SUSE-SU-2016:1378-1
SUSE-SU-2016:1379-1
SUSE-SU-2016:1458-1
SUSE-SU-2016:1475-1
USN-2963-1

Produtos afetados

Centos
Ibm Aix
Ibm Java Sdk
Java Platform
Java Se Embedded
Oracle Java Se
Red Hat
Suse
Ubuntu