Search for vulnerabilities
Vulnerability details: VCID-tr9j-33kv-aaas
Vulnerability ID VCID-tr9j-33kv-aaas
Aliases CVE-2016-0483
Summary Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-787 Out-of-bounds Write
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0483.html
rhas Critical https://access.redhat.com/errata/RHSA-2016:0049
rhas Important https://access.redhat.com/errata/RHSA-2016:0050
rhas Critical https://access.redhat.com/errata/RHSA-2016:0053
rhas Important https://access.redhat.com/errata/RHSA-2016:0054
rhas Critical https://access.redhat.com/errata/RHSA-2016:0055
rhas Critical https://access.redhat.com/errata/RHSA-2016:0056
rhas Important https://access.redhat.com/errata/RHSA-2016:0057
rhas Important https://access.redhat.com/errata/RHSA-2016:0067
rhas Critical https://access.redhat.com/errata/RHSA-2016:0098
rhas Critical https://access.redhat.com/errata/RHSA-2016:0099
rhas Critical https://access.redhat.com/errata/RHSA-2016:0100
rhas Critical https://access.redhat.com/errata/RHSA-2016:0101
epss 0.10483 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.10483 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.10483 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.10483 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.10483 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.10483 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.10483 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.10483 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.10483 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.12696 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.12696 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.12696 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.12696 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.12696 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.12696 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.12696 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.12696 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.12696 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.12696 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.14164 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.14164 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.14491 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.14491 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.14491 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.21757 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.23384 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
epss 0.2536 https://api.first.org/data/v1/epss?cve=CVE-2016-0483
rhbs urgent https://bugzilla.redhat.com/show_bug.cgi?id=1299441
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494
cvssv2 10 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 10.0 https://nvd.nist.gov/vuln/detail/CVE-2016-0483
generic_textual Medium https://ubuntu.com/security/notices/USN-2884-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2885-1
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
generic_textual Low http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0483.html
http://rhn.redhat.com/errata/RHSA-2016-0049.html
http://rhn.redhat.com/errata/RHSA-2016-0050.html
http://rhn.redhat.com/errata/RHSA-2016-0053.html
http://rhn.redhat.com/errata/RHSA-2016-0054.html
http://rhn.redhat.com/errata/RHSA-2016-0055.html
http://rhn.redhat.com/errata/RHSA-2016-0056.html
http://rhn.redhat.com/errata/RHSA-2016-0057.html
http://rhn.redhat.com/errata/RHSA-2016-0067.html
https://access.redhat.com/errata/RHSA-2016:1430
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0483.json
https://api.first.org/data/v1/epss?cve=CVE-2016-0483
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4734
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4803
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4805
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4806
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4835
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4842
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4843
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4844
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4860
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4872
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4881
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4882
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4893
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4903
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4911
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7575
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0402
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0448
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0466
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0483
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0494
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://security.gentoo.org/glsa/201603-14
https://security.gentoo.org/glsa/201610-08
https://ubuntu.com/security/notices/USN-2884-1
https://ubuntu.com/security/notices/USN-2885-1
http://www.debian.org/security/2016/dsa-3458
http://www.debian.org/security/2016/dsa-3465
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securitytracker.com/id/1034715
http://www.ubuntu.com/usn/USN-2884-1
http://www.ubuntu.com/usn/USN-2885-1
http://www.zerodayinitiative.com/advisories/ZDI-16-032
1299441 https://bugzilla.redhat.com/show_bug.cgi?id=1299441
cpe:2.3:a:oracle:jdk:1.6.0:update105:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.6.0:update105:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.7.0:update91:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update66:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.6.0:update105:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.6.0:update105:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.7.0:update91:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.7.0:update91:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update66:*:*:*:*:*:*
cpe:2.3:a:oracle:jrockit:r28.3.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jrockit:r28.3.8:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
CVE-2016-0483 https://nvd.nist.gov/vuln/detail/CVE-2016-0483
RHSA-2016:0049 https://access.redhat.com/errata/RHSA-2016:0049
RHSA-2016:0050 https://access.redhat.com/errata/RHSA-2016:0050
RHSA-2016:0053 https://access.redhat.com/errata/RHSA-2016:0053
RHSA-2016:0054 https://access.redhat.com/errata/RHSA-2016:0054
RHSA-2016:0055 https://access.redhat.com/errata/RHSA-2016:0055
RHSA-2016:0056 https://access.redhat.com/errata/RHSA-2016:0056
RHSA-2016:0057 https://access.redhat.com/errata/RHSA-2016:0057
RHSA-2016:0067 https://access.redhat.com/errata/RHSA-2016:0067
RHSA-2016:0098 https://access.redhat.com/errata/RHSA-2016:0098
RHSA-2016:0099 https://access.redhat.com/errata/RHSA-2016:0099
RHSA-2016:0100 https://access.redhat.com/errata/RHSA-2016:0100
RHSA-2016:0101 https://access.redhat.com/errata/RHSA-2016:0101
USN-2884-1 https://usn.ubuntu.com/2884-1/
USN-2885-1 https://usn.ubuntu.com/2885-1/
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0483
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.92822
EPSS Score 0.10483
Published At June 6, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.