UBUNTU-CVE-2016-5552

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2016-5552

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-5552.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2016-5552

Related

CVE-2016-5552
USN-3179-1
USN-3194-1
USN-3198-1

Published

2016-12-31T00:00:00Z

Modified

2016-12-31T00:00:00Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N CVSS Calculator

Summary

[none]

Details

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS v3.0 Base Score 5.3 (Integrity impacts).

References

Affected packages

Ubuntu:14.04:LTS / openjdk-6

Package

Name: openjdk-6
Purl: pkg:deb/ubuntu/openjdk-6@6b41-1.13.13-0ubuntu0.14.04.1?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6b41-1.13.13-0ubuntu0.14.04.1

Affected versions

6b27-1.*

6b27-1.12.6-1ubuntu2

6b27-1.12.7-2ubuntu1

6b29-1.*

6b29-1.13.0-1ubuntu2

6b30-1.*

6b30-1.13.1-1ubuntu1

6b30-1.13.1-1ubuntu2

6b30-1.13.2-1ubuntu1

6b31-1.*

6b31-1.13.3-1ubuntu1

6b32-1.*

6b32-1.13.4-4ubuntu0.14.04.1

6b33-1.*

6b33-1.13.5-1ubuntu0.14.04

6b34-1.*

6b34-1.13.6-1ubuntu0.14.04.1

6b35-1.*

6b35-1.13.7-1ubuntu0.14.04.1

6b36-1.*

6b36-1.13.8-0ubuntu1~14.04

6b37-1.*

6b37-1.13.9-1ubuntu0.14.04.1

6b38-1.*

6b38-1.13.10-0ubuntu0.14.04.1

6b39-1.*

6b39-1.13.11-0ubuntu0.14.04.1

6b40-1.*

6b40-1.13.12-0ubuntu0.14.04.2

6b40-1.13.12-0ubuntu0.14.04.3

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "openjdk-6-dbg": "6b41-1.13.13-0ubuntu0.14.04.1",
            "icedtea-6-jre-jamvm": "6b41-1.13.13-0ubuntu0.14.04.1",
            "openjdk-6-doc": "6b41-1.13.13-0ubuntu0.14.04.1",
            "openjdk-6-jre": "6b41-1.13.13-0ubuntu0.14.04.1",
            "openjdk-6-source": "6b41-1.13.13-0ubuntu0.14.04.1",
            "openjdk-6-jre-headless": "6b41-1.13.13-0ubuntu0.14.04.1",
            "openjdk-6-jre-zero": "6b41-1.13.13-0ubuntu0.14.04.1",
            "icedtea-6-jre-cacao": "6b41-1.13.13-0ubuntu0.14.04.1",
            "openjdk-6-jre-lib": "6b41-1.13.13-0ubuntu0.14.04.1",
            "openjdk-6-jdk": "6b41-1.13.13-0ubuntu0.14.04.1",
            "openjdk-6-demo": "6b41-1.13.13-0ubuntu0.14.04.1"
        }
    ]
}

Ubuntu:14.04:LTS / openjdk-7

Package

Name: openjdk-7
Purl: pkg:deb/ubuntu/openjdk-7@7u121-2.6.8-1ubuntu0.14.04.3?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7u121-2.6.8-1ubuntu0.14.04.3

Affected versions

7u25-2.*

7u25-2.3.12-4ubuntu3

7u25-2.3.12-4ubuntu5

7u45-2.*

7u45-2.4.3-3ubuntu1

7u45-2.4.3-3ubuntu2

7u45-2.4.3-4ubuntu1

7u45-2.4.3-4ubuntu2

7u51-2.*

7u51-2.4.4-1ubuntu1

7u51-2.4.5-1ubuntu1

7u51-2.4.6~pre1-1ubuntu2

7u51-2.4.6-1ubuntu3

7u51-2.4.6-1ubuntu4

7u55-2.*

7u55-2.4.7-1ubuntu1

7u65-2.*

7u65-2.5.1-4ubuntu1~0.14.04.1

7u65-2.5.1-4ubuntu1~0.14.04.2

7u65-2.5.2-3~14.04

7u71-2.*

7u71-2.5.3-0ubuntu0.14.04.1

7u75-2.*

7u75-2.5.4-1~trusty1

7u79-2.*

7u79-2.5.5-0ubuntu0.14.04.2

7u79-2.5.6-0ubuntu1.14.04.1

7u85-2.*

7u85-2.6.1-5ubuntu0.14.04.1

7u91-2.*

7u91-2.6.3-0ubuntu0.14.04.1

7u95-2.*

7u95-2.6.4-0ubuntu0.14.04.1

7u95-2.6.4-0ubuntu0.14.04.2

7u101-2.*

7u101-2.6.6-0ubuntu0.14.04.1

7u111-2.*

7u111-2.6.7-0ubuntu0.14.04.3

7u121-2.*

7u121-2.6.8-1ubuntu0.14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "openjdk-7-demo": "7u121-2.6.8-1ubuntu0.14.04.3",
            "openjdk-7-source": "7u121-2.6.8-1ubuntu0.14.04.3",
            "openjdk-7-jre": "7u121-2.6.8-1ubuntu0.14.04.3",
            "openjdk-7-jdk": "7u121-2.6.8-1ubuntu0.14.04.3",
            "openjdk-7-dbg": "7u121-2.6.8-1ubuntu0.14.04.3",
            "icedtea-7-jre-jamvm": "7u121-2.6.8-1ubuntu0.14.04.3",
            "openjdk-7-jre-zero": "7u121-2.6.8-1ubuntu0.14.04.3",
            "openjdk-7-doc": "7u121-2.6.8-1ubuntu0.14.04.3",
            "openjdk-7-jre-headless": "7u121-2.6.8-1ubuntu0.14.04.3",
            "openjdk-7-jre-lib": "7u121-2.6.8-1ubuntu0.14.04.3"
        }
    ]
}

Ubuntu:16.04:LTS / openjdk-8

Package

Name: openjdk-8
Purl: pkg:deb/ubuntu/openjdk-8@8u121-b13-0ubuntu1.16.04.2?arch=src?distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

8u121-b13-0ubuntu1.16.04.2

Affected versions

Other

8u66-b01-5

8u72-b05-1ubuntu1

8u72-b05-5

8u72-b05-6

8u72-b15-1

8u72-b15-2ubuntu1

8u72-b15-2ubuntu3

8u72-b15-3ubuntu1

8u77-b03-1ubuntu2

8u77-b03-3ubuntu1

8u77-b03-3ubuntu2

8u77-b03-3ubuntu3

8u91-b14-0ubuntu4~16.*

8u91-b14-0ubuntu4~16.04.1

8u91-b14-3ubuntu1~16.*

8u91-b14-3ubuntu1~16.04.1

8u111-b14-2ubuntu0.*

8u111-b14-2ubuntu0.16.04.2

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "openjdk-8-jre-jamvm": "8u121-b13-0ubuntu1.16.04.2",
            "openjdk-8-dbg": "8u121-b13-0ubuntu1.16.04.2",
            "openjdk-8-jdk-headless": "8u121-b13-0ubuntu1.16.04.2",
            "openjdk-8-demo": "8u121-b13-0ubuntu1.16.04.2",
            "openjdk-8-jre-zero": "8u121-b13-0ubuntu1.16.04.2",
            "openjdk-8-jre-headless": "8u121-b13-0ubuntu1.16.04.2",
            "openjdk-8-source": "8u121-b13-0ubuntu1.16.04.2",
            "openjdk-8-jdk": "8u121-b13-0ubuntu1.16.04.2",
            "openjdk-8-jre": "8u121-b13-0ubuntu1.16.04.2",
            "openjdk-8-doc": "8u121-b13-0ubuntu1.16.04.2"
        }
    ]
}