Описание
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| openjdk-6 | removed | package | ||
| openjdk-7 | fixed | 7u85-2.6.1-6 | package | |
| openjdk-8 | fixed | 8u66-b17-1 | package | |
| icu | fixed | 57.1-1.1 | package |
Примечания
http://bugs.icu-project.org/trac/ticket/12020
For ICU note that the original fix causes additional problems:
https://ssl.icu-project.org/trac/ticket/12020#comment:4
https://bugzilla.redhat.com/show_bug.cgi?id=1298906#c1
https://bugzilla.redhat.com/show_bug.cgi?id=1273318
see also CVE-2016-0494, introduced in through the fix for this CVE.
Upstream commit for OpenJDK: http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/dbb4e2bdfa9e
EPSS
Связанные уязвимости
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D.
Уязвимость программной платформы Java Platform, позволяющая нарушителю выполнить произвольный код
EPSS