Local Integrity Vulnerability in Oracle Java SE and JRockit Products
CVE-2016-3485

2.9LOW

Key Information:

Vendor

Oracle
Status
Jrockit
Jdk
Jre
Vendor
CVE Published:
21 July 2016

What is CVE-2016-3485?

An unspecified vulnerability exists in Oracle's Java SE and JRockit products that allows local users to potentially affect the integrity of the system through specific vectors associated with networking functionalities. This can undermine the reliability and security of applications relying on these Java environments.

References

http://lists.opensuse.org/opensuse-security-announce/2016...
vendor-advisoryx_refsource_SUSE
http://www.oracle.com/technetwork/security-advisory/cpuju...
x_refsource_CONFIRM
https://security.gentoo.org/glsa/201610-08
vendor-advisoryx_refsource_GENTOO

CVSS V3.1

Score:
2.9
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.