Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-3262 (GCVE-0-2017-3262)
Vulnerability from cvelistv5 – Published: 2017-01-27 22:01 – Updated: 2024-10-09 19:39
VLAI?
EPSS
Summary
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).
Severity ?
No CVSS data available.
CWE
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Date Public ?
2017-01-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:23:32.873Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "95578",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95578"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2017-3262",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-09T19:25:27.677273Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-09T19:39:49.787Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java SE",
"vendor": "Oracle",
"versions": [
{
"status": "affected",
"version": "8u112"
}
]
}
],
"datePublic": "2017-01-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "GLSA-201701-65",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "1037637",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "95578",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95578"
},
{
"name": "RHSA-2017:0175",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java SE",
"version": {
"version_data": [
{
"version_value": "8u112"
}
]
}
}
]
},
"vendor_name": "Oracle"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "95578",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95578"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2017-3262",
"datePublished": "2017-01-27T22:01:00.000Z",
"dateReserved": "2016-12-06T00:00:00.000Z",
"dateUpdated": "2024-10-09T19:39:49.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-3262\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2017-01-27T22:59:02.990\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en el componente Java SE de Oracle Java SE (subcomponente: Java Mission Control). Versiones compatibles que est\u00e1n afectadas son Java SE: 8u112. Vulnerabilidad f\u00e1cilmente explotable permite a un atacante no autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos, comprometer Java SE. Ataques exitosos de esta vulnerabilidad pueden resultar en acceso de lectura no autorizado a un subconjunto de datos accesibles de Java SE. Nota: Se aplica a Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Impactos de Confidencialidad).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*\",\"matchCriteriaId\":\"BEB76EC4-557F-4C67-BE1E-79E837043B05\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AA3E574-DC5D-465B-95B8-CD1AF5433646\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0175.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95578\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037637\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"https://security.gentoo.org/glsa/201701-65\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20170119-0001/\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0175.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/95578\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037637\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201701-65\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20170119-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.gentoo.org/glsa/201701-65\", \"name\": \"GLSA-201701-65\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1037637\", \"name\": \"1037637\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/95578\", \"name\": \"95578\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0175.html\", \"name\": \"RHSA-2017:0175\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170119-0001/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T14:23:32.873Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-3262\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-09T19:25:27.677273Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-09T19:23:26.447Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Oracle\", \"product\": \"Java SE\", \"versions\": [{\"status\": \"affected\", \"version\": \"8u112\"}]}], \"datePublic\": \"2017-01-17T00:00:00.000Z\", \"references\": [{\"url\": \"https://security.gentoo.org/glsa/201701-65\", \"name\": \"GLSA-201701-65\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}, {\"url\": \"http://www.securitytracker.com/id/1037637\", \"name\": \"1037637\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"http://www.securityfocus.com/bid/95578\", \"name\": \"95578\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0175.html\", \"name\": \"RHSA-2017:0175\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170119-0001/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2018-01-04T19:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"8u112\"}]}, \"product_name\": \"Java SE\"}]}, \"vendor_name\": \"Oracle\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://security.gentoo.org/glsa/201701-65\", \"name\": \"GLSA-201701-65\", \"refsource\": \"GENTOO\"}, {\"url\": \"http://www.securitytracker.com/id/1037637\", \"name\": \"1037637\", \"refsource\": \"SECTRACK\"}, {\"url\": \"http://www.securityfocus.com/bid/95578\", \"name\": \"95578\", \"refsource\": \"BID\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0175.html\", \"name\": \"RHSA-2017:0175\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20170119-0001/\", \"name\": \"https://security.netapp.com/advisory/ntap-20170119-0001/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\", \"name\": \"http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-3262\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2017-3262\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-09T19:39:49.787Z\", \"dateReserved\": \"2016-12-06T00:00:00.000Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2017-01-27T22:01:00.000Z\", \"assignerShortName\": \"oracle\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
GHSA-VP8G-J2G3-X92W
Vulnerability from github – Published: 2022-05-13 01:45 – Updated: 2025-04-20 03:31
VLAI?
Details
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).
Severity ?
5.3 (Medium)
{
"affected": [],
"aliases": [
"CVE-2017-3262"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-01-27T22:59:00Z",
"severity": "MODERATE"
},
"details": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).",
"id": "GHSA-vp8g-j2g3-x92w",
"modified": "2025-04-20T03:31:43Z",
"published": "2022-05-13T01:45:03Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3262"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/95578"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1037637"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2017-3262
Vulnerability from fkie_nvd - Published: 2017-01-27 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "BEB76EC4-557F-4C67-BE1E-79E837043B05",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*",
"matchCriteriaId": "4AA3E574-DC5D-465B-95B8-CD1AF5433646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente Java SE de Oracle Java SE (subcomponente: Java Mission Control). Versiones compatibles que est\u00e1n afectadas son Java SE: 8u112. Vulnerabilidad f\u00e1cilmente explotable permite a un atacante no autenticado con acceso a la red a trav\u00e9s de m\u00faltiples protocolos, comprometer Java SE. Ataques exitosos de esta vulnerabilidad pueden resultar en acceso de lectura no autorizado a un subconjunto de datos accesibles de Java SE. Nota: Se aplica a Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Impactos de Confidencialidad)."
}
],
"id": "CVE-2017-3262",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-01-27T22:59:02.990",
"references": [
{
"source": "secalert_us@oracle.com",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95578"
},
{
"source": "secalert_us@oracle.com",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "secalert_us@oracle.com",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95578"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CERTFR-2017-AVI-017
Vulnerability from certfr_avis - Published: 2017-01-18 - Updated: 2017-01-18
De multiples vulnérabilités ont été corrigées dans Oracle Java SE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Java SE Embedded version 8u111",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Java SE versions 6u131, 7u121 et 8u112",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "JRockit version R28.3.12",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3259",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3259"
},
{
"name": "CVE-2016-5549",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5549"
},
{
"name": "CVE-2016-5547",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5547"
},
{
"name": "CVE-2017-3289",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3289"
},
{
"name": "CVE-2016-8328",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8328"
},
{
"name": "CVE-2016-5552",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5552"
},
{
"name": "CVE-2017-3272",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3272"
},
{
"name": "CVE-2017-3261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3261"
},
{
"name": "CVE-2017-3260",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3260"
},
{
"name": "CVE-2016-2183",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2183"
},
{
"name": "CVE-2016-5548",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5548"
},
{
"name": "CVE-2017-3253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3253"
},
{
"name": "CVE-2017-3241",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3241"
},
{
"name": "CVE-2016-5546",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5546"
},
{
"name": "CVE-2017-3231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3231"
},
{
"name": "CVE-2017-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3262"
},
{
"name": "CVE-2017-3252",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3252"
}
],
"initial_release_date": "2017-01-18T00:00:00",
"last_revision_date": "2017-01-18T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017-2881727 du 17 janvier 2017",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017verbose-2881728 du 17 janvier 2017",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017verbose-2881728.html#JAVA"
}
],
"reference": "CERTFR-2017-AVI-017",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-01-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Java SE\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nun d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java SE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017verbose-2881728 du 17 janvier 2017",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Oracle cpujan2017-2881727 du 17 janvier 2017",
"url": null
}
]
}
CNVD-2017-00934
Vulnerability from cnvd - Published: 2017-02-05
VLAI Severity ?
Title
Oracle Java SE存在未明漏洞(CNVD-2017-00934)
Description
Oracle Java SE是美国甲骨文(Oracle)公司的一套标准版Java平台,用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。
Oracle Java SE存在远程安全漏洞。攻击者通过多个协议利用该漏洞使‘Java Mission Control’子组件受影响。
Severity
中
Patch Name
Oracle Java SE存在未明漏洞(CNVD-2017-00934)的补丁
Patch Description
Oracle Java SE是美国甲骨文(Oracle)公司的一套标准版Java平台,用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。
Oracle Java SE存在远程安全漏洞。攻击者通过多个协议利用该漏洞使‘Java Mission Control’子组件受影响。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
Reference
http://www.securityfocus.com/bid/95578
Impacted products
| Name | ['Sun Microsystems, Inc. JRE', 'Oracle Java SE 8u112'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "95578"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-3262",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3262"
}
},
"description": "Oracle Java SE\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u6807\u51c6\u7248Java\u5e73\u53f0\uff0c\u7528\u4e8e\u5f00\u53d1\u548c\u90e8\u7f72\u684c\u9762\u3001\u670d\u52a1\u5668\u4ee5\u53ca\u5d4c\u5165\u8bbe\u5907\u548c\u5b9e\u65f6\u73af\u5883\u4e2d\u7684Java\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nOracle Java SE\u5b58\u5728\u8fdc\u7a0b\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u901a\u8fc7\u591a\u4e2a\u534f\u8bae\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u2018Java Mission Control\u2019\u5b50\u7ec4\u4ef6\u53d7\u5f71\u54cd\u3002",
"discovererName": "Oracle",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttp://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-00934",
"openTime": "2017-02-05",
"patchDescription": "Oracle Java SE\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u5957\u6807\u51c6\u7248Java\u5e73\u53f0\uff0c\u7528\u4e8e\u5f00\u53d1\u548c\u90e8\u7f72\u684c\u9762\u3001\u670d\u52a1\u5668\u4ee5\u53ca\u5d4c\u5165\u8bbe\u5907\u548c\u5b9e\u65f6\u73af\u5883\u4e2d\u7684Java\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nOracle Java SE\u5b58\u5728\u8fdc\u7a0b\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u901a\u8fc7\u591a\u4e2a\u534f\u8bae\u5229\u7528\u8be5\u6f0f\u6d1e\u4f7f\u2018Java Mission Control\u2019\u5b50\u7ec4\u4ef6\u53d7\u5f71\u54cd\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Oracle Java SE\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2017-00934\uff09\u7684\u8865\u4e01",
"products": {
"product": [
"Sun Microsystems, Inc. JRE",
"Oracle Java SE 8u112"
]
},
"referenceLink": "http://www.securityfocus.com/bid/95578",
"serverity": "\u4e2d",
"submitTime": "2017-01-20",
"title": "Oracle Java SE\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2017-00934\uff09"
}
GSD-2017-3262
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-3262",
"description": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).",
"id": "GSD-2017-3262",
"references": [
"https://www.suse.com/security/cve/CVE-2017-3262.html",
"https://access.redhat.com/errata/RHSA-2017:0175"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-3262"
],
"details": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).",
"id": "GSD-2017-3262",
"modified": "2023-12-13T01:21:15.960122Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3262",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java SE",
"version": {
"version_data": [
{
"version_value": "8u112"
}
]
}
}
]
},
"vendor_name": "Oracle"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "95578",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95578"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.8:update_112:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.8:update_112:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2017-3262"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html"
},
{
"name": "95578",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/95578"
},
{
"name": "GLSA-201701-65",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201701-65"
},
{
"name": "1037637",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1037637"
},
{
"name": "https://security.netapp.com/advisory/ntap-20170119-0001/",
"refsource": "CONFIRM",
"tags": [],
"url": "https://security.netapp.com/advisory/ntap-20170119-0001/"
},
{
"name": "RHSA-2017:0175",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0175.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2019-10-03T00:03Z",
"publishedDate": "2017-01-27T22:59Z"
}
}
}
RHSA-2017:0175
Vulnerability from csaf_redhat - Published: 2017-01-19 13:59 - Updated: 2025-11-21 17:59Summary
Red Hat Security Advisory: java-1.8.0-oracle security update
Severity
Critical
Notes
Topic: An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
This update upgrades Oracle Java SE 8 to version 8 Update 121.
Security Fix(es):
* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-8328, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3262, CVE-2017-3272, CVE-2017-3289)
This update mitigates the CVE-2016-2183 issue by adding 3DES cipher suites to the list of legacy algorithms (defined using the jdk.tls.legacyAlgorithms security property) so they are only used if connecting TLS/SSL client and server do not share any other non-legacy cipher suite.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
It was discovered that the Libraries component of OpenJDK accepted ECDSA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel.
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).
6.5 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application.
8.1 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN.
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory.
7.5 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 3.7 (Confidentiality impacts).
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).
4.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).
5.3 (Medium)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).
8.8 (High)
Vendor Fix
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
All running instances of Oracle Java must be restarted for this update to take effect.
https://access.redhat.com/errata/RHSA-2017:0175
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Oracle Java SE version 8 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 8 to version 8 Update 121.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page, listed in the References section. (CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-8328, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3262, CVE-2017-3272, CVE-2017-3289)\n\nThis update mitigates the CVE-2016-2183 issue by adding 3DES cipher suites to the list of legacy algorithms (defined using the jdk.tls.legacyAlgorithms security property) so they are only used if connecting TLS/SSL client and server do not share any other non-legacy cipher suite.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:0175",
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html",
"url": "http://www.oracle.com/technetwork/java/javase/8u121-relnotes-3315208.html"
},
{
"category": "external",
"summary": "1369383",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369383"
},
{
"category": "external",
"summary": "1413554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554"
},
{
"category": "external",
"summary": "1413562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562"
},
{
"category": "external",
"summary": "1413583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583"
},
{
"category": "external",
"summary": "1413653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653"
},
{
"category": "external",
"summary": "1413717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717"
},
{
"category": "external",
"summary": "1413764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764"
},
{
"category": "external",
"summary": "1413882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882"
},
{
"category": "external",
"summary": "1413906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906"
},
{
"category": "external",
"summary": "1413911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911"
},
{
"category": "external",
"summary": "1413920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920"
},
{
"category": "external",
"summary": "1413923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923"
},
{
"category": "external",
"summary": "1413955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955"
},
{
"category": "external",
"summary": "1414162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414162"
},
{
"category": "external",
"summary": "1414163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163"
},
{
"category": "external",
"summary": "1414164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414164"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_0175.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-oracle security update",
"tracking": {
"current_release_date": "2025-11-21T17:59:10+00:00",
"generator": {
"date": "2025-11-21T17:59:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:0175",
"initial_release_date": "2017-01-19T13:59:09+00:00",
"revision_history": [
{
"date": "2017-01-19T13:59:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-14T14:50:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:59:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
}
],
"category": "product_family",
"name": "Oracle Java for Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.121-1jpp.1.el6_8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.121-1jpp.1.el7_3?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-jdbc@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-src@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-plugin@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-devel@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"product": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_id": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-oracle-javafx@1.8.0.121-1jpp.1.el6_8?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
},
"product_reference": "java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.3.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-5546",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413911"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK accepted ECDSA signatures using non-canonical DER encoding. This could cause a Java application to accept signature in an incorrect format not accepted by other cryptographic tools.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5546"
},
{
"category": "external",
"summary": "RHBZ#1413911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413911"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5546",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5546"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5546"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incorrect ECDSA signature extraction from the DER input (Libraries, 8168714)"
},
{
"cve": "CVE-2016-5547",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413764"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK did not validate the length of the object identifier read from the DER input before allocating memory to store the OID. An attacker able to make a Java application decode a specially crafted DER input could cause the application to consume an excessive amount of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5547"
},
{
"category": "external",
"summary": "RHBZ#1413764",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413764"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5547",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5547"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5547"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: missing ObjectIdentifier length check (Libraries, 8168705)"
},
{
"cve": "CVE-2016-5548",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413920"
}
],
"notes": [
{
"category": "description",
"text": "A covert timing channel flaw was found in the DSA implementation in the Libraries component of OpenJDK. A remote attacker could possibly use this flaw to extract certain information about the used key via a timing side channel.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5548"
},
{
"category": "external",
"summary": "RHBZ#1413920",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413920"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5548",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5548"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5548"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: DSA implementation timing attack (Libraries, 8168728)"
},
{
"cve": "CVE-2016-5549",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413923"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 6.5 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5549"
},
{
"category": "external",
"summary": "RHBZ#1413923",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413923"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5549",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5549"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5549"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: ECDSA implementation timing attack (Libraries, 8168724)"
},
{
"cve": "CVE-2016-5552",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413882"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Networking component of OpenJDK failed to properly parse user info from the URL. A remote attacker could cause a Java application to incorrectly parse an attacker supplied URL and interpret it differently from other applications processing the same URL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-5552"
},
{
"category": "external",
"summary": "RHBZ#1413882",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413882"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-5552",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5552"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-5552"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: incorrect URL parsing in URLStreamHandler (Networking, 8167223)"
},
{
"cve": "CVE-2016-8328",
"discovery_date": "2017-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414164"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 3.7 (Integrity impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-8328"
},
{
"category": "external",
"summary": "RHBZ#1414164",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414164"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-8328",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8328"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8328",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8328"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)"
},
{
"cve": "CVE-2017-3231",
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413717"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3231"
},
{
"category": "external",
"summary": "RHBZ#1413717",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413717"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3231",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3231"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3231"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: URLClassLoader insufficient access control checks (Networking, 8151934)"
},
{
"cve": "CVE-2017-3241",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413955"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the RMI registry and DCG implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3241"
},
{
"category": "external",
"summary": "RHBZ#1413955",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413955"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3241",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3241"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3241"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: untrusted input deserialization in RMI registry and DCG (RMI, 8156802)"
},
{
"cve": "CVE-2017-3252",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413906"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JAAS component of OpenJDK did not use the correct way to extract user DN from the result of the user search LDAP query. A specially crafted user LDAP entry could cause the application to use an incorrect DN.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3252"
},
{
"category": "external",
"summary": "RHBZ#1413906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3252",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3252"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3252"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: LdapLoginModule incorrect userDN extraction (JAAS, 8161743)"
},
{
"cve": "CVE-2017-3253",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413583"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the 2D component of OpenJDK performed parsing of iTXt and zTXt PNG image chunks even when configured to ignore metadata. An attacker able to make a Java application parse a specially crafted PNG image could cause the application to consume an excessive amount of memory.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3253"
},
{
"category": "external",
"summary": "RHBZ#1413583",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413583"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3253"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3253"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: imageio PNGImageReader failed to honor ignoreMetadata for iTXt and zTXt chunks (2D, 8166988)"
},
{
"cve": "CVE-2017-3259",
"discovery_date": "2017-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414163"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 3.7 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3259"
},
{
"category": "external",
"summary": "RHBZ#1414163",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414163"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3259",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3259"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3259"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u141, 7u131, and 8u121 (Deployment)"
},
{
"cve": "CVE-2017-3261",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413653"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 4.3 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3261"
},
{
"category": "external",
"summary": "RHBZ#1413653",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413653"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3261"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3261"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: integer overflow in SocketOutputStream boundary check (Networking, 8164147)"
},
{
"cve": "CVE-2017-3262",
"discovery_date": "2017-01-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1414162"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Java Mission Control). The supported version that is affected is Java SE: 8u112. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to Java Mission Control Installation. CVSS v3.0 Base Score 5.3 (Confidentiality impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3262"
},
{
"category": "external",
"summary": "RHBZ#1414162",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1414162"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3262",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3262"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3262",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3262"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 8u121 (Java Mission Control)"
},
{
"cve": "CVE-2017-3272",
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413554"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3272"
},
{
"category": "external",
"summary": "RHBZ#1413554",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413554"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3272",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3272"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3272"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insufficient protected field access checks in atomic field updaters (Libraries, 8165344)"
},
{
"cve": "CVE-2017-3289",
"discovery_date": "2017-01-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1413562"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS v3.0 Base Score 9.6 (Confidentiality, Integrity and Availability impacts).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insecure class construction (Hotspot, 8167104)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3289"
},
{
"category": "external",
"summary": "RHBZ#1413562",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1413562"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3289",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3289"
}
],
"release_date": "2017-01-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-01-19T13:59:09+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:0175"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Client-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6ComputeNode-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Server-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.i686",
"6Workstation-OracleJava-6.8.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el6_8.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Client-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7ComputeNode-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Server-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-devel-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-javafx-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-jdbc-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-plugin-1:1.8.0.121-1jpp.1.el7_3.x86_64",
"7Workstation-OracleJava-7.3.Z:java-1.8.0-oracle-src-1:1.8.0.121-1jpp.1.el7_3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "OpenJDK: insecure class construction (Hotspot, 8167104)"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…