UBUNTU-CVE-2016-5547
See a problem?- Source
- https://ubuntu.com/security/notices/UBUNTU-CVE-2016-5547
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-5547.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2016-5547
- Related
- Published
- 2016-12-31T00:00:00Z
- Modified
- 2016-12-31T00:00:00Z
- Severity
-
- 5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
- Summary
- [none]
- Details
-
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Availability impacts).
- References
-
- https://ubuntu.com/security/CVE-2016-5547
- http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/3432537.xml
- http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixJAVA
- http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/683c9263a5b1
- https://ubuntu.com/security/notices/USN-3179-1
- https://ubuntu.com/security/notices/USN-3194-1
- https://www.cve.org/CVERecord?id=CVE-2016-5547
Affected packages
Ubuntu:14.04:LTS / openjdk-7
Package
- Name
- openjdk-7
- Purl
- pkg:deb/ubuntu/openjdk-7@7u121-2.6.8-1ubuntu0.14.04.3?arch=src?distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed7u121-2.6.8-1ubuntu0.14.04.3
Affected versions
7u25-2.*
7u25-2.3.12-4ubuntu3
7u25-2.3.12-4ubuntu5
7u45-2.*
7u45-2.4.3-3ubuntu1
7u45-2.4.3-3ubuntu2
7u45-2.4.3-4ubuntu1
7u45-2.4.3-4ubuntu2
7u51-2.*
7u51-2.4.4-1ubuntu1
7u51-2.4.5-1ubuntu1
7u51-2.4.6~pre1-1ubuntu2
7u51-2.4.6-1ubuntu3
7u51-2.4.6-1ubuntu4
7u55-2.*
7u55-2.4.7-1ubuntu1
7u65-2.*
7u65-2.5.1-4ubuntu1~0.14.04.1
7u65-2.5.1-4ubuntu1~0.14.04.2
7u65-2.5.2-3~14.04
7u71-2.*
7u71-2.5.3-0ubuntu0.14.04.1
7u75-2.*
7u75-2.5.4-1~trusty1
7u79-2.*
7u79-2.5.5-0ubuntu0.14.04.2
7u79-2.5.6-0ubuntu1.14.04.1
7u85-2.*
7u85-2.6.1-5ubuntu0.14.04.1
7u91-2.*
7u91-2.6.3-0ubuntu0.14.04.1
7u95-2.*
7u95-2.6.4-0ubuntu0.14.04.1
7u95-2.6.4-0ubuntu0.14.04.2
7u101-2.*
7u101-2.6.6-0ubuntu0.14.04.1
7u111-2.*
7u111-2.6.7-0ubuntu0.14.04.3
7u121-2.*
7u121-2.6.8-1ubuntu0.14.04.1
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"openjdk-7-demo": "7u121-2.6.8-1ubuntu0.14.04.3",
"openjdk-7-source": "7u121-2.6.8-1ubuntu0.14.04.3",
"openjdk-7-jre": "7u121-2.6.8-1ubuntu0.14.04.3",
"openjdk-7-jdk": "7u121-2.6.8-1ubuntu0.14.04.3",
"openjdk-7-dbg": "7u121-2.6.8-1ubuntu0.14.04.3",
"icedtea-7-jre-jamvm": "7u121-2.6.8-1ubuntu0.14.04.3",
"openjdk-7-jre-zero": "7u121-2.6.8-1ubuntu0.14.04.3",
"openjdk-7-doc": "7u121-2.6.8-1ubuntu0.14.04.3",
"openjdk-7-jre-headless": "7u121-2.6.8-1ubuntu0.14.04.3",
"openjdk-7-jre-lib": "7u121-2.6.8-1ubuntu0.14.04.3"
}
]
}
Ubuntu:16.04:LTS / openjdk-8
Package
- Name
- openjdk-8
- Purl
- pkg:deb/ubuntu/openjdk-8@8u121-b13-0ubuntu1.16.04.2?arch=src?distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed8u121-b13-0ubuntu1.16.04.2
Affected versions
Other
8u66-b01-5
8u72-b05-1ubuntu1
8u72-b05-5
8u72-b05-6
8u72-b15-1
8u72-b15-2ubuntu1
8u72-b15-2ubuntu3
8u72-b15-3ubuntu1
8u77-b03-1ubuntu2
8u77-b03-3ubuntu1
8u77-b03-3ubuntu2
8u77-b03-3ubuntu3
8u91-b14-0ubuntu4~16.*
8u91-b14-0ubuntu4~16.04.1
8u91-b14-3ubuntu1~16.*
8u91-b14-3ubuntu1~16.04.1
8u111-b14-2ubuntu0.*
8u111-b14-2ubuntu0.16.04.2
Ecosystem specific
{
"availability": "No subscription required",
"ubuntu_priority": "medium",
"binaries": [
{
"openjdk-8-jre-jamvm": "8u121-b13-0ubuntu1.16.04.2",
"openjdk-8-dbg": "8u121-b13-0ubuntu1.16.04.2",
"openjdk-8-jdk-headless": "8u121-b13-0ubuntu1.16.04.2",
"openjdk-8-demo": "8u121-b13-0ubuntu1.16.04.2",
"openjdk-8-jre-zero": "8u121-b13-0ubuntu1.16.04.2",
"openjdk-8-jre-headless": "8u121-b13-0ubuntu1.16.04.2",
"openjdk-8-source": "8u121-b13-0ubuntu1.16.04.2",
"openjdk-8-jdk": "8u121-b13-0ubuntu1.16.04.2",
"openjdk-8-jre": "8u121-b13-0ubuntu1.16.04.2",
"openjdk-8-doc": "8u121-b13-0ubuntu1.16.04.2"
}
]
}