Описание
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [6b38-1.13.10-0ubuntu0.14.04.1]] |
| precise | released | 6b38-1.13.10-0ubuntu0.12.04.1 |
| trusty | released | 6b38-1.13.10-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [6b38-1.13.10-0ubuntu0.14.04.1] |
| upstream | needs-triage | |
| vivid | released | 6b38-1.13.10-0ubuntu0.15.04.1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | released | 6b38-1.13.10-0ubuntu0.15.10.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was released [7u95-2.6.4-0ubuntu0.14.04.1]] |
| precise | released | 7u95-2.6.4-0ubuntu0.12.04.1 |
| trusty | released | 7u95-2.6.4-0ubuntu0.14.04.1 |
| trusty/esm | DNE | trusty was released [7u95-2.6.4-0ubuntu0.14.04.1] |
| upstream | needs-triage | |
| vivid | released | 7u95-2.6.4-0ubuntu0.15.04.1 |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| wily | released | 7u95-2.6.4-0ubuntu0.15.10.1 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 8u72-b15-1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/xenial | not-affected | 8u72-b15-1 |
| precise | DNE | |
| trusty | DNE | |
| trusty/esm | DNE | |
| upstream | released | 8u72-b15-1 |
| vivid | ignored | end of life |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE |
Показывать по
EPSS
10 Critical
CVSS2
Связанные уязвимости
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Jav ...
Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
Уязвимость программных платформ Jrockit и Java Platform, позволяющая нарушителю выполнить произвольный код
EPSS
10 Critical
CVSS2