National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:oracle:jdk:1.6.0:update_115
There are 9 matching records.
Vuln ID Summary CVSS Severity
CVE-2013-4578

jarsigner in OpenJDK and Oracle Java SE before 7u51 allows remote attackers to bypass a code-signing protection mechanism and inject unsigned bytecode into a signed JAR file by leveraging improper file validation.

Published: December 29, 2017; 05:29:00 PM -05:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2016-3550

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 and Java SE Embedded 8u91 allows remote attackers to affect confidentiality via vectors related to Hotspot.

Published: July 21, 2016; 06:13:48 AM -04:00
V3: 4.3 MEDIUM
V2: 4.3 MEDIUM
CVE-2016-3508

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.

Published: July 21, 2016; 06:13:00 AM -04:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2016-3503

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.

Published: July 21, 2016; 06:12:56 AM -04:00
V3: 7.7 HIGH
V2: 4.4 MEDIUM
CVE-2016-3500

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.

Published: July 21, 2016; 06:12:53 AM -04:00
V3: 5.3 MEDIUM
V2: 5.0 MEDIUM
CVE-2016-3485

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.

Published: July 21, 2016; 06:12:39 AM -04:00
V3: 2.9 LOW
V2: 2.1 LOW
CVE-2016-3458

Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; and Java SE Embedded 8u91 allows remote attackers to affect integrity via vectors related to CORBA.

Published: July 21, 2016; 06:12:18 AM -04:00
V3: 4.3 MEDIUM
V2: 4.3 MEDIUM
CVE-2012-5373

Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against the MurmurHash3 algorithm, a different vulnerability than CVE-2012-2739.

Published: November 28, 2012; 08:03:10 AM -05:00
V2: 5.0 MEDIUM
CVE-2007-3503

The Javadoc tool in Sun JDK 6 and JDK 5.0 Update 11 can generate HTML documentation pages that contain cross-site scripting (XSS) vulnerabilities, which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Published: June 29, 2007; 09:30:00 PM -04:00
V2: 4.3 MEDIUM