CVE-2016-3552 : Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect co

Unspecified vulnerability in Oracle Java SE 8u92 allows local users to affect confidentiality, integrity, and availability via vectors related to Install.

Published 2016-07-21 10:13:49

Updated 2025-04-12 10:46:41

Source Oracle

View at NVD, CVE.org

Products affected by CVE-2016-3552

Oracle » JDK » Version: 1.8.0 Update Update92
cpe:2.3:a:oracle:jdk:1.8.0:update92:*:*:*:*:*:*
Matching versions
Oracle » JRE » Version: 1.8.0 Update Update92
cpe:2.3:a:oracle:jre:1.8.0:update92:*:*:*:*:*:*
Matching versions

Threat overview for CVE-2016-3552

Top countries where our scanners detected CVE-2016-3552

Top open port discovered on systems with this issue 80

IPs affected by CVE-2016-3552 212

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2016-3552!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2016-3552

EPSS FAQ

0.06%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 15 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-3552

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
6.2	MEDIUM	AV:L/AC:H/Au:N/C:C/I:C/A:C	1.9	10.0	NIST
Access Vector: Local Access Complexity: High Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
8.1	HIGH	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H	1.4	6.0	NIST
Attack Vector: Local Attack Complexity: High Privileges Required: None User Interaction: None Scope: Changed Confidentiality: High Integrity: High Availability: High

References for CVE-2016-3552

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00033.html

[security-announce] openSUSE-SU-2016:2051-1: important: Security update

CVEs referencing this url
https://security.gentoo.org/glsa/201610-08

Oracle JRE/JDK: Multiple vulnerabilities (GLSA 201610-08) — Gentoo security

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00024.html

[security-announce] SUSE-SU-2016:2012-1: important: Security update for

CVEs referencing this url
http://www.securityfocus.com/bid/91787

Oracle July 2016 Critical Patch Update Multiple Vulnerabilities
Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.securityfocus.com/bid/92000

Oracle Java SE CVE-2016-3552 Local Security Vulnerability
http://lists.opensuse.org/opensuse-updates/2016-08/msg00028.html

openSUSE-SU-2016:1979-1: moderate: Security update for java-1_8_0-openjd

CVEs referencing this url
http://www.securitytracker.com/id/1036365

Oracle Java SE Multiple Flaws Let Remote Users Access and Modify Data and Deny Service, Local Users Modify Data, and Remote and Local Users Gain Elevated Privileges - SecurityTracker

CVEs referencing this url
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

Oracle Critical Patch Update - July 2016
Patch;Vendor Advisory

CVEs referencing this url
https://security.netapp.com/advisory/ntap-20160721-0001/

July 2016 Java Platform Standard Edition Vulnerabilities in Multiple NetApp Products | NetApp Product Security

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2016:1475

RHSA-2016:1475 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2016-3552

Products affected by CVE-2016-3552

Threat overview for CVE-2016-3552

Exploit prediction scoring system (EPSS) score for CVE-2016-3552

CVSS scores for CVE-2016-3552

References for CVE-2016-3552