CyberSec.Space Logo
Back to CVE Browser

CVE-2016-0483

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1810%
EPSS Percentile9.00th
PublishedJan 21, 2016
Last ModifiedMay 6, 2026

Vulnerability Description

Unspecified vulnerability in Oracle Java SE 6u105, 7u91, and 8u66; Java SE Embedded 8u65; and JRockit R28.3.8 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is a heap-based buffer overflow in the readImage function, which allows remote attackers to execute arbitrary code via crafted image data.

Affected Platforms (CPE)

πŸ“¦
Oracle

Jdk

= 1.6.0
πŸ“¦
Oracle

Jdk

= 1.7.0
πŸ“¦
Oracle

Jdk

= 1.8.0
πŸ“¦
Oracle

Jre

= 1.6.0
πŸ“¦
Oracle

Jre

= 1.7.0
πŸ“¦
Oracle

Jre

= 1.8.0
πŸ“¦
Oracle

Jrockit

= r28.3.8
πŸ’»
Canonical

Ubuntu Linux

= 12.04
πŸ’»
Canonical

Ubuntu Linux

= 14.04
πŸ’»
Canonical

Ubuntu Linux

= 15.04
πŸ’»
Canonical

Ubuntu Linux

= 15.10

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html

Related Vulnerabilities

CVE-2007-243510.0

Sun Java Web Start in JDK and JRE 5.0 Update 10 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, allows remote...

CVE-2008-535310.0

The Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 16 and earlier; and SDK and...

CVE-2004-025310.0

IBM Cloudscape 5.1 running jdk 1.4.2_03 allows remote attackers to execute arbitrary programs or cause a denial of service via cer...

CVE-2008-535510.0

The "Java Update" feature for Java Runtime Environment (JRE) for Sun JDK and JRE 6 Update 10 and earlier; JDK and JRE 5.0 Update 1...