New Search

Unspecified vulnerability in Oracle Java SE 6u105 7u91 and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 - CVE-2016-0483

oval:org.cisecurity:def:1240

Unspecified vulnerability in Oracle Java SE 6u105 7u91 and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality integrity and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function which allows remote attackers to execute arbitrary code via crafted image data.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 7
  • Microsoft Windows Server 2003
  • Microsoft Windows 8.1
  • Microsoft Windows 10
  • Microsoft Windows Server 2008
  • Microsoft Windows XP
  • Microsoft Windows Vista
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2008 R2
  • Microsoft Windows Server 2012
  • Microsoft Windows 8
Class:
vulnerability
Reference(s):
  • CVE-2016-0483
Product(s):
  • Java Development Kit 1.8
  • JRockit R28
  • Java Development Kit 1.7
  • Java Development Kit 1.6
  • Java Runtime Environment 1.8
  • Java Runtime Environment 1.6
  • Java Runtime Environment 1.7