CVE-2016-0402
First published: Fri Jan 15 2016(Updated: )
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect integrity via unknown vectors related to Networking.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ubuntu | =12.04 | |
| Ubuntu | =14.04 | |
| Ubuntu | =15.04 | |
| Ubuntu | =15.10 | |
| Oracle Java SE 7 | =1.6.0-update105 | |
| Oracle Java SE 7 | =1.7.0-update91 | |
| Oracle Java SE 7 | =1.8.0-update66 | |
| Oracle JRE | =1.6.0-update105 | |
| Oracle JRE | =1.7.0-update91 | |
| Oracle JRE | =1.8.0-update66 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
- http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00048.html
- http://rhn.redhat.com/errata/RHSA-2016-0049.html
- http://rhn.redhat.com/errata/RHSA-2016-0050.html
- http://rhn.redhat.com/errata/RHSA-2016-0053.html
- http://rhn.redhat.com/errata/RHSA-2016-0054.html
- http://rhn.redhat.com/errata/RHSA-2016-0055.html
- http://rhn.redhat.com/errata/RHSA-2016-0056.html
- http://rhn.redhat.com/errata/RHSA-2016-0057.html
- http://rhn.redhat.com/errata/RHSA-2016-0067.html
- http://www.debian.org/security/2016/dsa-3458
- http://www.debian.org/security/2016/dsa-3465
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.securityfocus.com/bid/81096
- http://www.securitytracker.com/id/1034715
- http://www.ubuntu.com/usn/USN-2884-1
- http://www.ubuntu.com/usn/USN-2885-1
- https://access.redhat.com/errata/RHSA-2016:1430
- https://security.gentoo.org/glsa/201603-14
- https://security.gentoo.org/glsa/201610-08
- http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html#AppendixJAVA
- http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/1837db2935fd
- https://rhn.redhat.com/errata/RHSA-2016-0050.html
- https://rhn.redhat.com/errata/RHSA-2016-0049.html
- https://rhn.redhat.com/errata/RHSA-2016-0057.html
- https://rhn.redhat.com/errata/RHSA-2016-0056.html
- https://rhn.redhat.com/errata/RHSA-2016-0055.html
- https://rhn.redhat.com/errata/RHSA-2016-0053.html
- https://rhn.redhat.com/errata/RHSA-2016-0054.html
- https://rhn.redhat.com/errata/RHSA-2016-0067.html
- https://rhn.redhat.com/errata/RHSA-2016-0101.html
- https://rhn.redhat.com/errata/RHSA-2016-0100.html
- https://rhn.redhat.com/errata/RHSA-2016-0098.html
- https://rhn.redhat.com/errata/RHSA-2016-0099.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1298957
Frequently Asked Questions
What is the severity of CVE-2016-0402?
CVE-2016-0402 is considered to have a medium severity rating since it affects the integrity of the system.
How do I fix CVE-2016-0402?
To address CVE-2016-0402, update your Oracle Java SE or Java SE Embedded installations to the latest version available.
What software is affected by CVE-2016-0402?
CVE-2016-0402 affects Oracle Java SE versions 6u105, 7u91, and 8u66, as well as various Ubuntu Linux versions.
Can CVE-2016-0402 be exploited remotely?
Yes, CVE-2016-0402 can potentially be exploited by remote attackers due to its network-related vulnerabilities.
Is there a workaround for CVE-2016-0402?
While the best approach is to update the affected software, limiting network access may serve as a temporary workaround for CVE-2016-0402.
- agent/type
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-0402
- agent/first-publish-date
- agent/references
- agent/remedy
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/canonical
- canonical/ubuntu
- version/ubuntu/12.04
- version/ubuntu/14.04
- version/ubuntu/15.04
- version/ubuntu/15.10
- vendor/oracle
- canonical/oracle java se 7
- version/oracle java se 7/1.6.0-update105
- version/oracle java se 7/1.7.0-update91
- version/oracle java se 7/1.8.0-update66
- canonical/oracle jre
- version/oracle jre/1.6.0-update105
- version/oracle jre/1.7.0-update91
- version/oracle jre/1.8.0-update66