Local Integrity Vulnerability in Oracle Java SE and JRockit Products
CVE-2016-3485

2.9LOW

Key Information:

Vendor
Oracle
Status
Jrockit
Jdk
Jre
Vendor
CVE Published:
21 July 2016

Summary

An unspecified vulnerability exists in Oracle's Java SE and JRockit products that allows local users to potentially affect the integrity of the system through specific vectors associated with networking functionalities. This can undermine the reliability and security of applications relying on these Java environments.

References

http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
https://security.gentoo.org/glsa/201610-08
vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:
2.9
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.