Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBMAE99FB99E42BBD39F9B2F80B79A2C20D102DC86E520AFD2687C32E3E4973E3BA
HistoryJun 18, 2018 - 12:32 a.m.

Security Bulletin: Java Platform Standard Edition Vulnerability in Multiple N Series Products (CVE-2016-0636)

2018-06-1800:32:43
www.ibm.com
18

EPSS

0.036

Percentile

91.7%

JSON

Summary

Multiple N Series Products incorporate the Oracle Java Platform, Standard Edition (Java SE) software libraries. Java SE versions 7u97, 8u73 and 8u74 are susceptible to a vulnerability, potentially leading to an unauthorized Operating System takeover including arbitrary code execution.

Vulnerability Details

CVEID: CVE-2016-0636**
DESCRIPTION:** Oracle Java SE could allow a remote attacker to execute arbitrary code on the system, caused by an error during the installation process. By persuading a victim to visit a specially crafted web site, an attacker could exploit this vulnerability to gain complete control of the system.
CVSS Base Score: 9.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/111731 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)

Affected Products and Versions

NS OnCommand Core Package: 5.2, 5.2R1, 5.2.1P1, 5.2.1P2;

Remediation/Fixes

For NS OnCommand Core Package: the fix exists from microcode version: 5.2.2;

Please contact IBM support or go to this link to download a supported release.

Workarounds and Mitigations

None.

Related

nessus 34
redhat 6
suse 8
oraclelinux 4
openvas 30
ubuntucve 1
prion 1
cvelist 1
debiancve 1
centos 4
nvd 1
amazon 1
veracode 1
cisa 1
kaspersky 1
ubuntu 1
mageia 1
cve 1
archlinux 6
ibm 11
checkpoint_advisories 1
threatpost 1
f5 2
osv 3
debian 2
gentoo 2
oracle 1
nessus
nessus
Oracle Linux 6 : java-1.7.0-openjdk (ELSA-2016-0511)
2016-03-25 00:00:00
Oracle Linux 5 / 7 : java-1.7.0-openjdk (ELSA-2016-0512)
2016-03-25 00:00:00
Scientific Linux Security Update : java-1.8.0-openjdk on SL6.x i386/x86_64 (20160325)
2016-03-28 00:00:00
redhat
redhat
(RHSA-2016:0511) Critical: java-1.7.0-openjdk security update
2016-03-24 00:00:00
(RHSA-2016:0512) Important: java-1.7.0-openjdk security update
2016-03-24 00:00:00
(RHSA-2016:0513) Critical: java-1.8.0-openjdk security update
2016-03-24 22:59:11
suse
suse
Security update for java-1_7_0-openjdk (important)
2016-04-11 21:07:36
Security update for java-1_7_0-openjdk (important)
2016-04-07 15:08:01
Security update for java-1_8_0-openjdk (important)
2016-04-05 18:08:06
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2016-03-24 00:00:00
java-1.8.0-openjdk security update
2016-03-24 00:00:00
java-1.8.0-openjdk security update
2016-03-24 00:00:00
openvas
openvas
openSUSE: Security Advisory for java-1_8_0-openjdk (openSUSE-SU-2016:0983-1)
2016-04-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:0957-1)
2021-04-19 00:00:00
Oracle: Security Advisory (ELSA-2016-0512)
2016-03-31 00:00:00
ubuntucve
ubuntucve
CVE-2016-0636
2016-03-23 00:00:00
prion
prion
Buffer overflow
2016-03-24 18:59:00
cvelist
cvelist
CVE-2016-0636
2016-03-24 18:00:00
debiancve
debiancve
CVE-2016-0636
2016-03-24 18:59:00
centos
centos
java security update
2016-03-25 03:42:05
java security update
2016-03-25 03:43:23
java security update
2016-03-25 04:16:25
nvd
nvd
CVE-2016-0636
2016-03-24 18:59:00
amazon
amazon
Critical: java-1.8.0-openjdk, java-1.7.0-openjdk
2016-03-29 15:30:00
veracode
veracode
Sandbox Restrictions Bypass
2019-01-15 09:10:40
cisa
cisa
Oracle Releases Security Update for Java SE
2016-03-24 00:00:00
kaspersky
kaspersky
KLA10775 An unknown vulnerability in Oracle Java SE
2016-03-23 00:00:00
ubuntu
ubuntu
OpenJDK 7 vulnerability
2016-03-24 00:00:00
mageia
mageia
Updated java packages fix CVE-2016-0636
2016-04-06 17:09:53
cve
cve
CVE-2016-0636
2016-03-24 18:59:00
archlinux
archlinux
jre8-openjdk-headless: sandbox escape
2016-03-29 00:00:00
jre7-openjdk: sandbox escape
2016-04-01 00:00:00
jre8-openjdk: sandbox escape
2016-03-29 00:00:00
ibm
ibm
Security Bulletin:Multiple vulnerabilities in IBM JRE affect IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, and Platform HPC(CVE-2016-4003)
2018-06-18 01:32:23
Security Bulletin: Vulnerabilities in IBM Java Runtime affects CICS Transaction Gateway (CVE-2016-0363 and CVE-2016-0636).
2018-06-15 07:05:37
Security Bulletin: IBM Java as used in IBM QRadar SIEM is vulnerable to information disclosure. (CVE-2016-3426)
2018-06-16 21:44:56
checkpoint_advisories
checkpoint_advisories
Oracle Java SE Security Sandbox Escape (CVE-2013-5838; CVE-2016-0636)
2016-03-27 00:00:00
threatpost
threatpost
Emergency Java Patch Re-Issued for 2013 Vulnerability
2016-03-24 12:05:59
f5
f5
SOL77535578 - Multiple Java SE client-side vulnerabilities
2016-05-26 00:00:00
K77535578 : Multiple Java SE client-side vulnerabilities
2016-05-26 00:00:00
osv
osv
openjdk-7 - security update
2016-04-26 00:00:00
java-1_8_0-openjdk-1.8.0.111-1.1 on GA media
2024-06-15 00:00:00
java-1_7_0-openjdk-1.7.0.121-1.1 on GA media
2024-06-15 00:00:00
debian
debian
[SECURITY] [DLA 451-1] openjdk-7 security update
2016-05-03 10:37:41
[SECURITY] [DSA 3558-1] openjdk-7 security update
2016-04-26 20:25:06
gentoo
gentoo
IcedTea: Multiple vulnerabilities
2016-06-27 00:00:00
Oracle JRE/JDK: Multiple vulnerabilities
2016-10-15 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2016
2016-04-19 00:00:00

EPSS

0.036

Percentile

91.7%

JSON
Related for AE99FB99E42BBD39F9B2F80B79A2C20D102DC86E520AFD2687C32E3E4973E3BA
nessus34redhat6suse8oraclelinux4openvas30ubuntucve1prion1cvelist1debiancve1centos4nvd1amazon1veracode1cisa1kaspersky1ubuntu1mageia1cve1archlinux6ibm11checkpoint_advisories1threatpost1f52osv3debian2gentoo2oracle1