rpm package
suse/java-1_8_0-ibm&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2
pkg:rpm/suse/java-1_8_0-ibm&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2
Vulnerabilities (181)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2016-10165 | Hig | 7.1 | < 1.8.0_sr5.5-30.13.1 | 1.8.0_sr5.5-30.13.1 | Feb 3, 2017 | The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read. | |
| CVE-2017-3289 | Cri | 9.6 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via | |
| CVE-2017-3272 | Cri | 9.6 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a | |
| CVE-2017-3261 | Med | 4.3 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network | |
| CVE-2017-3259 | Low | 3.7 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi | |
| CVE-2017-3253 | Hig | 7.5 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at | |
| CVE-2017-3252 | Med | 5.8 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged | |
| CVE-2017-3241 | Cri | 9.0 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated | |
| CVE-2017-3231 | Med | 4.3 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network | |
| CVE-2016-5552 | Med | 5.3 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenti | |
| CVE-2016-5549 | Med | 6.5 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access v | |
| CVE-2016-5548 | Med | 6.5 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a | |
| CVE-2016-5547 | Med | 5.3 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Jan 27, 2017 | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at | |
| CVE-2016-5597 | Med | 5.9 | < 1.8.0_sr3.21-20.1 | 1.8.0_sr3.21-20.1 | Oct 25, 2016 | Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking. | |
| CVE-2016-5573 | Hig | 8.3 | < 1.8.0_sr3.21-20.1 | 1.8.0_sr3.21-20.1 | Oct 25, 2016 | Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582. | |
| CVE-2016-5568 | Cri | 9.6 | < 1.8.0_sr3.21-20.1 | 1.8.0_sr3.21-20.1 | Oct 25, 2016 | Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT. | |
| CVE-2016-5556 | Cri | 9.6 | < 1.8.0_sr3.21-20.1 | 1.8.0_sr3.21-20.1 | Oct 25, 2016 | Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D. | |
| CVE-2016-5554 | Med | 4.3 | < 1.8.0_sr3.21-20.1 | 1.8.0_sr3.21-20.1 | Oct 25, 2016 | Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX. | |
| CVE-2016-5542 | Low | 3.1 | < 1.8.0_sr3.21-20.1 | 1.8.0_sr3.21-20.1 | Oct 25, 2016 | Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries. | |
| CVE-2016-2183 | Hig | 7.5 | < 1.8.0_sr4.0-23.1 | 1.8.0_sr4.0-23.1 | Sep 1, 2016 | The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-dura |
- affected < 1.8.0_sr5.5-30.13.1fixed 1.8.0_sr5.5-30.13.1
The Type_MLU_Read function in cmstypes.c in Little CMS (aka lcms2) allows remote attackers to obtain sensitive information or cause a denial of service via an image with a crafted ICC profile, which triggers an out-of-bounds heap read.
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access via
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromi
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAAS). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows low privileged
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenti
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network access v
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111. Easily exploitable vulnerability allows unauthenticated attacker with network a
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Easily exploitable vulnerability allows unauthenticated at
- affected < 1.8.0_sr3.21-20.1fixed 1.8.0_sr3.21-20.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality via vectors related to Networking.
- affected < 1.8.0_sr3.21-20.1fixed 1.8.0_sr3.21-20.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
- affected < 1.8.0_sr3.21-20.1fixed 1.8.0_sr3.21-20.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to AWT.
- affected < 1.8.0_sr3.21-20.1fixed 1.8.0_sr3.21-20.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, and 8u102 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to 2D.
- affected < 1.8.0_sr3.21-20.1fixed 1.8.0_sr3.21-20.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to JMX.
- affected < 1.8.0_sr3.21-20.1fixed 1.8.0_sr3.21-20.1
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect integrity via vectors related to Libraries.
- affected < 1.8.0_sr4.0-23.1fixed 1.8.0_sr4.0-23.1
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-dura
Page 9 of 10