CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3443

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. NOTE: the previous information is from the April 2016 CPU. Oracle has not commented on third-party claims that this issue allows remote attackers to obtain sensitive information via crafted font data, which triggers an out-of-bounds read.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.036

EPSS Ranking 87.3%

CVSS Severity

CVSS v3 Score 9.6

CVSS v2 Score 10.0

References

Products affected by CVE-2016-3443

Oracle » Jdk » Version: 1.6.0

cpe:2.3:a:oracle:jdk:1.6.0
Oracle » Jdk » Version: 1.7.0

cpe:2.3:a:oracle:jdk:1.7.0
Oracle » Jdk » Version: 1.8.0

cpe:2.3:a:oracle:jdk:1.8.0
Oracle » Jre » Version: 1.6.0

cpe:2.3:a:oracle:jre:1.6.0
Oracle » Jre » Version: 1.7.0

cpe:2.3:a:oracle:jre:1.7.0
Oracle » Jre » Version: 1.8.0

cpe:2.3:a:oracle:jre:1.8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3443

Products

Pricing

Contact Us