SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   Oracle Java SE Vendors:   Oracle, Sun
Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1035401
SecurityTracker URL:  http://securitytracker.com/id/1035401
CVE Reference:   CVE-2016-0636   (Links to External Site)
Date:  Mar 24 2016
Impact:   User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 7 Update 97, 8 Update 73; 8 Update 74
Description:   A vulnerability was reported in Oracle Java SE. A remote user can gain full control of the target user's system.

A remote user can create specially crafted content that, when loaded by the target user, will exploit a flaw in the Java SE Hotspot component to gain elevated privileges [CVE-2016-0636].

Java deployments that load and run untrusted code are affected, such as clients running sandboxed Java Web Start applications or sandboxed Java applets.

Impact:   A remote user can create content that, when loaded by the target user, will gain full control of the target user's system.
Solution:   The vendor has issued a fix (See My Oracle Support Note 2118304.1).

The vendor's advisory is available at:

http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html

Vendor URL:  www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html (Links to External Site)
Cause:   Not specified
Underlying OS:  Linux (Any), UNIX (macOS/OS X), UNIX (Solaris - SunOS), Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Mar 25 2016 (Red Hat Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Red Hat has issued a fix for java-1.7.0-oracle for Red Hat Enterprise Linux 7.
Mar 25 2016 (Red Hat Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Red Hat has issued a fix for java-1.8.0-openjdk for Red Hat Enterprise Linux 6.
Mar 25 2016 (Red Hat Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Red Hat has issued a fix for java-1.8.0-oracle for Red Hat Enterprise Linux 7.
Mar 25 2016 (Red Hat Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Red Hat has issued a fix for java-1.8.0-openjdk for Red Hat Enterprise Linux 7.
Mar 25 2016 (Red Hat Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Red Hat has issued a fix for java-1.7.0-openjdk for Red Hat Enterprise Linux 5 and 7.
Mar 25 2016 (Red Hat Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Red Hat has issued a fix for java-1.7.0-openjdk for Red Hat Enterprise Linux 6.
Mar 25 2016 (Ubuntu Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Ubuntu has issued a fix for openjdk-7 for Ubuntu Linux 14.04 LTS and 15.10.
Mar 25 2016 (Oracle Issues Fix for Oracle Linux) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Oracle has issued a fix for java-1.7.0-openjdk for Oracle Linux 5 and 7.
Mar 26 2016 (Oracle Issues Fix for Oracle Linux) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Oracle has issued a fix for java-1.7.0-openjdk for Oracle Linux 6.
Mar 26 2016 (Oracle Issues Fix for Oracle Linux) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Oracle has issued a fix for java-1.8.0-openjdk for Oracle Linux 7.
Mar 26 2016 (CentOS Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
CentOS has issued a fix for java-1.7.0-openjdk for CentOS 5 and 7.
Mar 26 2016 (Oracle Issues Fix for Oracle Linux) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Oracle has issued a fix for java-1.8.0-openjdk for Oracle Linux 6.
Mar 26 2016 (CentOS Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
CentOS has issued a fix for java-1.8.0-openjdk for CentOS 6.
Mar 26 2016 (CentOS Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
CentOS has issued a fix for java-1.7.0-openjdk for CentOS 6.
Mar 26 2016 (CentOS Issues Fix) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
CentOS has issued a fix for java-1.8.0-openjdk for CentOS 7.
May 21 2016 (Brocade Communications Systems Issues Fix for Brocade FabricOS) Oracle Java SE Hotspot Component Flaw Lets Remote Users Execute Arbitrary Code
Brocade Communications Systems has issued a fix for Brocade FabricOS.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC