vulnerability

Oracle Linux: CVE-2016-5573: ELSA-2016-2079: java-1.8.0-openjdk security update (CRITICAL) (Multiple Advisories)

Severity
8
CVSS
(AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published
2016-10-18
Added
2016-10-25
Modified
2025-01-07

Description

Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
It was discovered that the Hotspot component of OpenJDK did not properly check received Java Debug Wire Protocol (JDWP) packets. An attacker could possibly use this flaw to send debugging commands to a Java program running with debugging enabled if they could make victim's browser send HTTP requests to the JDWP port of the debugged application.

Solution(s)

oracle-linux-upgrade-java-1-6-0-openjdkoracle-linux-upgrade-java-1-6-0-openjdk-demooracle-linux-upgrade-java-1-6-0-openjdk-develoracle-linux-upgrade-java-1-6-0-openjdk-javadocoracle-linux-upgrade-java-1-6-0-openjdk-srcoracle-linux-upgrade-java-1-7-0-openjdkoracle-linux-upgrade-java-1-7-0-openjdk-accessibilityoracle-linux-upgrade-java-1-7-0-openjdk-demooracle-linux-upgrade-java-1-7-0-openjdk-develoracle-linux-upgrade-java-1-7-0-openjdk-headlessoracle-linux-upgrade-java-1-7-0-openjdk-javadocoracle-linux-upgrade-java-1-7-0-openjdk-srcoracle-linux-upgrade-java-1-8-0-openjdkoracle-linux-upgrade-java-1-8-0-openjdk-accessibilityoracle-linux-upgrade-java-1-8-0-openjdk-accessibility-debugoracle-linux-upgrade-java-1-8-0-openjdk-debugoracle-linux-upgrade-java-1-8-0-openjdk-demooracle-linux-upgrade-java-1-8-0-openjdk-demo-debugoracle-linux-upgrade-java-1-8-0-openjdk-develoracle-linux-upgrade-java-1-8-0-openjdk-devel-debugoracle-linux-upgrade-java-1-8-0-openjdk-headlessoracle-linux-upgrade-java-1-8-0-openjdk-headless-debugoracle-linux-upgrade-java-1-8-0-openjdk-javadocoracle-linux-upgrade-java-1-8-0-openjdk-javadoc-debugoracle-linux-upgrade-java-1-8-0-openjdk-srcoracle-linux-upgrade-java-1-8-0-openjdk-src-debug
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.