(CVE-2016-3511) - An unspecified flaw exists in the 'Hotspot' subcomponent that allows an unauthenticated, remote attacker to disclose potentially sensitive information. (CVE-2016-3503, CVE-2016-3552) - An unspecified flaw exists in the 'Deployment' subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-3500, CVE-2016-3508) - An unspecified flaw exists in the 'Install' subcomponent that allows a local attacker to gain elevated privileges. (CVE-2016-3498) - An unspecified flaw exists in the 'JAXP' subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2016-3485) - An unspecified flaw exists in the 'JavaFX' subcomponent that allows an unauthenticated, remote attacker to cause a denial of service condition. (CVE-2016-3458) - An unspecified flaw exists in the 'Networking' subcomponent that allows a local attacker to impact integrity. Description The version of Oracle Java SE installed on the remote host is prior to 6 Update 121, 7 Update 111, or 8 Update 102 and is affected by multiple vulnerabilities : - An unspecified flaw exists in the 'CORBA' subcomponent that allows an unauthenticated, remote attacker to impact integrity. Synopsis The remote host is missing a critical Oracle Java SE patch update.
Severity display preferences can be toggled in the settings dropdown. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. The calculated severity for Plugins has been updated to use CVSS v3 by default.
0 kommentar(er)
