Lucene search

Veracode Vulnerability DatabaseVERACODE:16827

HistoryMay 02, 2019 - 5:28 a.m.

Arbitrary Code Execution

2019-05-0205:28:55

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.083 Low

EPSS

Percentile

94.4%

JSON

Java is vulnerable to arbitrary code execution. The vulnerability exists as an unspecified vulnerability in Oracle Java. This allows the remote attacker to execute arbitrary code in user’s browser via vectors related to JMX component.

CPENameOperatorVersion
java-1.8.0-openjdkeq1.8.0.25__3.b17.el6_6
java-1.8.0-openjdkeq1.8.0.45__35.b13.el6
java-1.8.0-openjdkeq1.8.0.51__3.b16.el6_7
java-1.8.0-openjdkeq1.8.0.77__0.b03.el6_7
java-1.8.0-openjdkeq1.8.0.45__28.b13.el6_6
java-1.8.0-openjdkeq1.8.0.25__1.b17.el6
java-1.8.0-openjdkeq1.8.0.71__1.b15.el6_7
java-1.8.0-openjdkeq1.8.0.20__3.b26.el6
java-1.8.0-openjdkeq1.8.0.51__1.b16.el6_7
java-1.8.0-openjdkeq1.8.0.51__0.b16.el6_6

Name	Operator	Version
java-1.8.0-openjdk	eq	1.8.0.25__3.b17.el6_6
java-1.8.0-openjdk	eq	1.8.0.45__35.b13.el6
java-1.8.0-openjdk	eq	1.8.0.51__3.b16.el6_7
java-1.8.0-openjdk	eq	1.8.0.77__0.b03.el6_7
java-1.8.0-openjdk	eq	1.8.0.45__28.b13.el6_6
java-1.8.0-openjdk	eq	1.8.0.25__1.b17.el6
java-1.8.0-openjdk	eq	1.8.0.71__1.b15.el6_7
java-1.8.0-openjdk	eq	1.8.0.20__3.b26.el6
java-1.8.0-openjdk	eq	1.8.0.51__1.b16.el6_7
java-1.8.0-openjdk	eq	1.8.0.51__0.b16.el6_6

Rows per page:

1-10 of 5641

References

lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00027.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00039.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00040.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00042.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00058.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00059.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00061.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00067.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00002.html

rhn.redhat.com/errata/RHSA-2016-0650.html

rhn.redhat.com/errata/RHSA-2016-0651.html

rhn.redhat.com/errata/RHSA-2016-0675.html

rhn.redhat.com/errata/RHSA-2016-0676.html

rhn.redhat.com/errata/RHSA-2016-0677.html

rhn.redhat.com/errata/RHSA-2016-0678.html

rhn.redhat.com/errata/RHSA-2016-0679.html

rhn.redhat.com/errata/RHSA-2016-0701.html

rhn.redhat.com/errata/RHSA-2016-0702.html

rhn.redhat.com/errata/RHSA-2016-0708.html

rhn.redhat.com/errata/RHSA-2016-0716.html

rhn.redhat.com/errata/RHSA-2016-0723.html

rhn.redhat.com/errata/RHSA-2016-1039.html

www.debian.org/security/2016/dsa-3558

www.openwall.com/lists/oss-security/2020/08/31/1

www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

www.securityfocus.com/bid/86421

www.securitytracker.com/id/1035596

www.securitytracker.com/id/1037331

www.ubuntu.com/usn/USN-2963-1

www.ubuntu.com/usn/USN-2964-1

www.ubuntu.com/usn/USN-2972-1

access.redhat.com/errata/RHSA-2016:1430

access.redhat.com/errata/RHSA-2017:1216

access.redhat.com/security/updates/classification/#critical

kc.mcafee.com/corporate/index?page=content&id=SB10159

lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/r5f48b16573a11fdf0b557cc3d1d71423ecde8ee771c29f32334fa948@%3Cdev.cassandra.apache.org%3E

lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E

lists.apache.org/thread.html/rc3abf40b06c511d5693baf707d6444bf7745e6a1e343e6f530a12258@%3Cuser.cassandra.apache.org%3E