Vulnerability Description
Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
CVSS Score
7.7
HIGH
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Jdk | 1.6.0 |
| Oracle | Jre | 1.6.0 |
References
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00011.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00032.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00035.html
- http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/91787Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/bid/91996Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1036365
- https://access.redhat.com/errata/RHSA-2016:1475
- https://access.redhat.com/errata/RHSA-2016:1476
- https://access.redhat.com/errata/RHSA-2016:1477
- https://security.gentoo.org/glsa/201610-08
FAQ
What is CVE-2016-3503?
CVE-2016-3503 is a vulnerability with a CVSS score of 7.7 (HIGH). Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.
How severe is CVE-2016-3503?
CVE-2016-3503 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-3503?
Check the references section above for vendor advisories and patch information. Affected products include: Oracle Jdk, Oracle Jre.