Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM5FF444B68F9284B6751272EF885E0A158CCFEEEA027EB2F8DA248482725D22C4
HistoryJun 18, 2018 - 12:32 a.m.

Security Bulletin: Java Platform Standard Edition Vulnerability in Multiple N Series Products (CVE-2016-0603)

2018-06-1800:32:43
www.ibm.com
12

EPSS

0.227

Percentile

96.5%

JSON

Summary

Multiple N Series Products incorporate the Oracle Java Platform, Standard Edition (Java SE) software libraries. Java SE (JDK and JRE) versions below6u113, 7u97 or 8u73 are susceptible to a vulnerability potentially leading to an unauthorized Operating System takeover.

Vulnerability Details

CVEID: CVE-2016-0603**
DESCRIPTION:** Oracle Java SE could allow a remote attacker to execute arbitrary code on the system, caused by an error during the installation process. By persuading a victim to visit a specially crafted web site and downloading files prior to installation, an attacker could exploit this vulnerability to gain complete control of the system.
CVSS Base Score: 7.6
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/110446 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:N/C:C/I:C/A:C)

Affected Products and Versions

NS OnCommand Core Package: 5.2, 5.2R1, 5.2.1P1, 5.2.1P2;

Remediation/Fixes

For NS OnCommand Core Package: the fix exists from microcode version: 5.2.2;

Please contact IBM support or go to this link to download a supported release.

Workarounds and Mitigations

None.

Related

prion 1
cisa 1
debiancve 1
ibm 9
nessus 2
cve 1
thn 1
openvas 2
cvelist 1
nvd 1
ubuntucve 1
gentoo 1
prion
prion
Design/Logic Flaw
2016-02-08 16:59:00
cisa
cisa
Oracle Releases Security Updates for Java
2016-02-08 00:00:00
debiancve
debiancve
CVE-2016-0603
2016-02-08 16:59:01
ibm
ibm
Security Bulletin: Vulnerability in IBM Java SDK affects IBM Decision Optimization Center (CVE-2016-0603)
2018-06-16 13:39:03
Security Bulletin: Vulnerability in IBM Java Runtime affect Rational Host On-Demand (CVE-2016-0603)
2018-08-03 04:23:43
Security Bulletin: Current releases of the IBM® SDK, Java™ Technology Edition are affected by CVE-2016-0603
2018-06-15 07:05:05
nessus
nessus
Oracle Java SE Installer on Windows Arbitrary Code Execution
2016-02-16 00:00:00
GLSA-201610-08 : Oracle JRE/JDK: Multiple vulnerabilities
2016-10-17 00:00:00
cve
cve
CVE-2016-0603
2016-02-08 16:59:01
thn
thn
Oracle Issues Emergency Java Update for Windows
2016-02-07 23:46:00
openvas
openvas
Oracle Java SE Privilege Escalation Vulnerability - Linux
2016-02-12 00:00:00
Oracle Java SE Privilege Escalation Vulnerability - Windows
2016-02-12 00:00:00
cvelist
cvelist
CVE-2016-0603
2016-02-08 16:00:00
nvd
nvd
CVE-2016-0603
2016-02-08 16:59:01
ubuntucve
ubuntucve
CVE-2016-0603
2016-02-08 00:00:00
gentoo
gentoo
Oracle JRE/JDK: Multiple vulnerabilities
2016-10-15 00:00:00

EPSS

0.227

Percentile

96.5%

JSON
Related for 5FF444B68F9284B6751272EF885E0A158CCFEEEA027EB2F8DA248482725D22C4
prion1cisa1debiancve1ibm9nessus2cve1thn1openvas2cvelist1nvd1ubuntucve1gentoo1