Search for vulnerabilities
Vulnerability details: VCID-js18-6r1k-aaaj
Vulnerability ID VCID-js18-6r1k-aaaj
Aliases CVE-2016-0636
Summary Unspecified vulnerability in Oracle Java SE 7u97, 8u73, and 8u74 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to the Hotspot sub-component.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-358 Improperly Implemented Security Check for Standard
System Score Found at
generic_textual High http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0636.html
rhas Critical https://access.redhat.com/errata/RHSA-2016:0511
rhas Important https://access.redhat.com/errata/RHSA-2016:0512
rhas Critical https://access.redhat.com/errata/RHSA-2016:0513
rhas Important https://access.redhat.com/errata/RHSA-2016:0514
rhas Critical https://access.redhat.com/errata/RHSA-2016:0515
rhas Critical https://access.redhat.com/errata/RHSA-2016:0516
epss 0.03649 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.03649 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.03649 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.03649 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.03649 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.03649 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.05079 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.05079 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.05079 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.05079 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.05079 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.05079 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.05079 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.05079 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.12285 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
epss 0.18726 https://api.first.org/data/v1/epss?cve=CVE-2016-0636
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=1320650
generic_textual High https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0636
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0686
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0687
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0695
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3425
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3426
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3427
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2016-0636
cvssv3 8.1 https://nvd.nist.gov/vuln/detail/CVE-2016-0636
generic_textual High https://ubuntu.com/security/notices/USN-2942-1
generic_textual High http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html
cvssv3.1 8.8 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00004.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00005.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00007.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00008.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00014.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00035.html
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0636.html
http://rhn.redhat.com/errata/RHSA-2016-0511.html
http://rhn.redhat.com/errata/RHSA-2016-0512.html
http://rhn.redhat.com/errata/RHSA-2016-0513.html
http://rhn.redhat.com/errata/RHSA-2016-0514.html
http://rhn.redhat.com/errata/RHSA-2016-0515.html
http://rhn.redhat.com/errata/RHSA-2016-0516.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0636.json
https://api.first.org/data/v1/epss?cve=CVE-2016-0636
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0636
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0686
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0687
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0695
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3425
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3426
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3427
https://security.gentoo.org/glsa/201606-18
https://security.gentoo.org/glsa/201610-08
https://security.netapp.com/advisory/ntap-20160328-0001/
https://ubuntu.com/security/notices/USN-2942-1
http://www.debian.org/security/2016/dsa-3558
http://www.oracle.com/technetwork/topics/security/alert-cve-2016-0636-2949497.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.securityfocus.com/bid/85376
http://www.securitytracker.com/id/1035401
http://www.ubuntu.com/usn/USN-2942-1
1320650 https://bugzilla.redhat.com/show_bug.cgi?id=1320650
cpe:2.3:a:oracle:jdk:1.7.0:update97:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update97:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update73:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update73:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update74:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update74:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update97:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update97:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update73:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update73:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update74:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update74:*:*:*:*:*:*
cpe:2.3:a:redhat:icedtea7:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:icedtea7:*:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
CVE-2016-0636 https://nvd.nist.gov/vuln/detail/CVE-2016-0636
RHSA-2016:0511 https://access.redhat.com/errata/RHSA-2016:0511
RHSA-2016:0512 https://access.redhat.com/errata/RHSA-2016:0512
RHSA-2016:0513 https://access.redhat.com/errata/RHSA-2016:0513
RHSA-2016:0514 https://access.redhat.com/errata/RHSA-2016:0514
RHSA-2016:0515 https://access.redhat.com/errata/RHSA-2016:0515
RHSA-2016:0516 https://access.redhat.com/errata/RHSA-2016:0516
USN-2942-1 https://usn.ubuntu.com/2942-1/
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0636
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0636
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.91926
EPSS Score 0.03649
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.