PT-2016-1081 · Oracle+5 · Java Se Embedded+7

Published

2016-01-19

·

Updated

2024-06-15

·

CVE-2016-0448

CVSS v2.0

4.0

Medium

VectorAV:N/AC:L/Au:S/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions Java SE versions 6u105, 7u91, and 8u66 Java SE Embedded version 8u65
Description The issue is related to errors in the code of the JMX subcomponent in the Java Platform. It allows a remote attacker to affect confidentiality via vectors related to JMX, potentially allowing access to read data using network packets.
Recommendations For Java SE versions 6u105, 7u91, and 8u66, update to a version that addresses the JMX subcomponent issue. For Java SE Embedded version 8u65, update to a version that addresses the JMX subcomponent issue. As a temporary workaround, consider restricting access to the JMX component until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-17

Related Identifiers

BDU:2016-00151
CESA-2016_0049
CESA-2016_0050
CESA-2016_0053
CESA-2016_0054
CESA-2016_0067
CVE-2016-0448
DLA-410-1
DSA-3458-1
DSA-3465-1
MGASA-2016-0048
OPENSUSE-SU-2016_0263-1
OPENSUSE-SU-2016_0268-1
OPENSUSE-SU-2016_0270-1
OPENSUSE-SU-2016_0272-1
OPENSUSE-SU-2016_0279-1
OPENSUSE-SU-2024:10197-1
OPENSUSE-SU-2024:10534-1
RHSA-2016:0049
RHSA-2016:0050
RHSA-2016:0053
RHSA-2016:0054
RHSA-2016:0055
RHSA-2016:0056
RHSA-2016:0057
RHSA-2016:0067
RHSA-2016:0098
RHSA-2016:0099
RHSA-2016:0100
RHSA-2016:0101
RHSA-2016:1430
RHSA-2016_0049
RHSA-2016_0050
RHSA-2016_0053
RHSA-2016_0054
RHSA-2016_0055
RHSA-2016_0056
RHSA-2016_0057
RHSA-2016_0067
RHSA-2016_0098
RHSA-2016_0099
RHSA-2016_0101
SUSE-SU-2016:0256-1
SUSE-SU-2016:0265-1
SUSE-SU-2016:0269-1
SUSE-SU-2016:0390-1
SUSE-SU-2016:0399-1
SUSE-SU-2016:0401-1
SUSE-SU-2016:0428-1
SUSE-SU-2016:0431-1
SUSE-SU-2016:0433-1
SUSE-SU-2016:0636-1
SUSE-SU-2016:0770-1
USN-2884-1
USN-2885-1

Affected Products

Centos
Ibm Aix
Java Platform
Java Se
Java Se Embedded
Red Hat
Suse
Ubuntu