Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveOracleCVE-2016-0603
HistoryFeb 08, 2016 - 4:59 p.m.

CVE-2016-0603

2016-02-0816:59:01
oracle
web.nvd.nist.gov
45
cve-2016-0603
java se
oracle
windows
remote attackers
confidentiality
integrity
availability
security issue

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.227

Percentile

96.5%

JSON

Unspecified vulnerability in the Java SE component in Oracle Java SE 6u111, 7u95, 8u71, and 8u72, when running on Windows, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Install. NOTE: the previous information is from Oracle’s Security Alert for CVE-2016-0603. Oracle has not commented on third-party claims that this is an untrusted search path issue that allows local users to gain privileges via a Trojan horse dll in the “application directory.”

Affected configurations

Nvd
Node
microsoftwindows
AND
oraclejreMatch1.6.0update111
OR
oraclejreMatch1.7.0update95
OR
oraclejreMatch1.8.0update71
OR
oraclejreMatch1.8.0update72
Node
microsoftwindows
AND
oraclejdkMatch1.6.0update111
OR
oraclejdkMatch1.7.0update95
OR
oraclejdkMatch1.8.0update72
VendorProductVersionCPE
microsoftwindows*cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
oraclejre1.6.0cpe:2.3:a:oracle:jre:1.6.0:update111:*:*:*:*:*:*
oraclejre1.7.0cpe:2.3:a:oracle:jre:1.7.0:update95:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update71:*:*:*:*:*:*
oraclejre1.8.0cpe:2.3:a:oracle:jre:1.8.0:update72:*:*:*:*:*:*
oraclejdk1.6.0cpe:2.3:a:oracle:jdk:1.6.0:update111:*:*:*:*:*:*
oraclejdk1.7.0cpe:2.3:a:oracle:jdk:1.7.0:update95:*:*:*:*:*:*
oraclejdk1.8.0cpe:2.3:a:oracle:jdk:1.8.0:update72:*:*:*:*:*:*

Related

prion 1
cisa 1
debiancve 1
ibm 10
nessus 2
thn 1
openvas 2
cvelist 1
nvd 1
ubuntucve 1
gentoo 1
prion
prion
Design/Logic Flaw
2016-02-08 16:59:00
cisa
cisa
Oracle Releases Security Updates for Java
2016-02-08 00:00:00
debiancve
debiancve
CVE-2016-0603
2016-02-08 16:59:01
ibm
ibm
Security Bulletin: Java Platform Standard Edition Vulnerability in Multiple N Series Products (CVE-2016-0603)
2018-06-18 00:32:43
Security Bulletin: Vulnerability in IBM Java SDK affects IBM Fabric Manager (CVE-2016-0603)
2019-01-31 02:25:02
Security Bulletin: Vulnerability in IBM Java SDK affects IBM Decision Optimization Center (CVE-2016-0603)
2018-06-16 13:39:03
nessus
nessus
Oracle Java SE Installer on Windows Arbitrary Code Execution
2016-02-16 00:00:00
GLSA-201610-08 : Oracle JRE/JDK: Multiple vulnerabilities
2016-10-17 00:00:00
thn
thn
Oracle Issues Emergency Java Update for Windows
2016-02-07 23:46:00
openvas
openvas
Oracle Java SE Privilege Escalation Vulnerability - Linux
2016-02-12 00:00:00
Oracle Java SE Privilege Escalation Vulnerability - Windows
2016-02-12 00:00:00
cvelist
cvelist
CVE-2016-0603
2016-02-08 16:00:00
nvd
nvd
CVE-2016-0603
2016-02-08 16:59:01
ubuntucve
ubuntucve
CVE-2016-0603
2016-02-08 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2016-10-15 00:00:00

CVSS2

7.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

Low

EPSS

0.227

Percentile

96.5%

JSON
Related for CVE-2016-0603
prion1cisa1debiancve1ibm10nessus2thn1openvas2cvelist1nvd1ubuntucve1gentoo1