Oval Definition:oval:org.cisecurity:def:1240
Revision Date:2016-11-11Version:23
Title:Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 - CVE-2016-0483
Description:Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-0483
Platform(s):Microsoft Windows 10
Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s):Java Development Kit 1.6
Java Development Kit 1.7
Java Development Kit 1.8
Java Runtime Environment 1.6
Java Runtime Environment 1.7
Java Runtime Environment 1.8
JRockit R28
Definition Synopsis
  • Java SE Development Kit 1.6 is installed + version
  • Java SE Development Kit 6 is installed
  • AND Check if Java SE Development Kit 1.6 version is less than 6.0.1060
  • OR Java SE Runtime Environment 1.6 is installed + version
  • Java SE Runtime Environment 6 is installed
  • AND Check if Java SE Runtime Environment 1.6 version is less than 6.0.1060
  • OR Java SE Development Kit 1.7 is installed + version
  • Java SE Development Kit 7 is installed
  • AND Check if Java SE Development Kit 1.7 version is less than 7.0.920
  • OR Java SE Runtime Environment 1.7 is installed + version
  • Java SE Runtime Environment 7 is installed
  • AND Check if Java SE Runtime Environment 1.7 version is less than 7.0.920
  • OR Java Development Kit 1.8 section
  • Java SE Development Kit 8 is installed
  • AND Check if Java SE Development Kit 1.8 version is less than 8.0.670
  • OR Java Runtime Environment 1.8 section
  • Java SE Runtime Environment 8 is installed
  • AND Check if Java SE Runtime Environment 1.8 version is less than 8.0.670
  • OR Check if Java Runtime Environment version is greater than or less than 8.0.670
  • OR Determine if the version of JRockit is less than R28.3.9 and is greater than or equal to R28.0.0
  • Determine if the version of JRockit equals R28.3.9
  • AND JRockit R28 is installed
    • BACK